metasploit | 0a5aac647c4708953bd2935be3286473b7b458ced28d5ad73926ed34d279a67b | Triage

Sharing

General

Target

0a5aac647c4708953bd2935be3286473b7b458ced28d5ad73926ed34d279a67b
Size

2.0MB
Sample

241221-stzy6a1rgw
MD5

107f98455430a4a3cdd706ba23095842
SHA1

472653a8761956f75aae70fb05930de7c2bbc07b
SHA256

0a5aac647c4708953bd2935be3286473b7b458ced28d5ad73926ed34d279a67b
SHA512

43ed97964a53c4ff1315367afc6cff8617033bcd908e8e3a61de492a69bbcd82de2c36b4c78563f4485988a942936a963aeb3bd35a08d85b07a5acd3fd4e9906
SSDEEP

24576:SpVmnS4FzCeLkIQSjAclSFAB6pgKeTRKcvbExxlQJ2k1hwHIhC4fHf:SX41VO28uBcek0bVwHAP

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

121.89.201.85:44444

Targets

- Target
  
  0a5aac647c4708953bd2935be3286473b7b458ced28d5ad73926ed34d279a67b
- Size
  
  2.0MB
- MD5
  
  107f98455430a4a3cdd706ba23095842
- SHA1
  
  472653a8761956f75aae70fb05930de7c2bbc07b
- SHA256
  
  0a5aac647c4708953bd2935be3286473b7b458ced28d5ad73926ed34d279a67b
- SHA512
  
  43ed97964a53c4ff1315367afc6cff8617033bcd908e8e3a61de492a69bbcd82de2c36b4c78563f4485988a942936a963aeb3bd35a08d85b07a5acd3fd4e9906
- SSDEEP
  
  24576:SpVmnS4FzCeLkIQSjAclSFAB6pgKeTRKcvbExxlQJ2k1hwHIhC4fHf:SX41VO28uBcek0bVwHAP
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

metasploitbackdoordiscoverytrojan