metasploit | 654480ada3e2610cd98f9e8d3b1d4024cec075ac5ee237d853087a4095cc0bda | Triage

Sharing

General

Target

654480ada3e2610cd98f9e8d3b1d4024cec075ac5ee237d853087a4095cc0bda
Size

10KB
Sample

241223-t7bddsvnbt
MD5

e8ba1a97bb9d585fa35fdb19e3f7fdd0
SHA1

a619219dad4c9ac7da41b89aa936ff17c0fe3346
SHA256

654480ada3e2610cd98f9e8d3b1d4024cec075ac5ee237d853087a4095cc0bda
SHA512

faf22318ab445a6f3df9a675e4bbf51c1ef42760360e7c5be25751f9d37d3340707993f54a96da7ac0399c2103c41139f321d24a64fc2e6c3e562ced05f44d93
SSDEEP

192:eu0cIUCTI8vt+xHR2WCsj7vEhq22au5pz6fMxbRB:30RA84xHR2sCf2aQ1

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://192.168.16.68:1111/NsFU

Attributes

headers User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0; MASP)

Targets

- Target
  
  654480ada3e2610cd98f9e8d3b1d4024cec075ac5ee237d853087a4095cc0bda
- Size
  
  10KB
- MD5
  
  e8ba1a97bb9d585fa35fdb19e3f7fdd0
- SHA1
  
  a619219dad4c9ac7da41b89aa936ff17c0fe3346
- SHA256
  
  654480ada3e2610cd98f9e8d3b1d4024cec075ac5ee237d853087a4095cc0bda
- SHA512
  
  faf22318ab445a6f3df9a675e4bbf51c1ef42760360e7c5be25751f9d37d3340707993f54a96da7ac0399c2103c41139f321d24a64fc2e6c3e562ced05f44d93
- SSDEEP
  
  192:eu0cIUCTI8vt+xHR2WCsj7vEhq22au5pz6fMxbRB:30RA84xHR2sCf2aQ1
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan