metasploit | 1cbf8177f99aec18d3b6583ace0dcb6eac59411d55508225d66d21b07bc9bcf7 | Triage

Sharing

General

Target

f3be4c9e11813932eacdf383d12c07d5.bin
Size

43KB
Sample

241227-cdgjwayngt
MD5

522cd2f010b4b0b015c7056ff7a4a230
SHA1

ca0365a07520843fe08142ccb7d0f79abf71e196
SHA256

1cbf8177f99aec18d3b6583ace0dcb6eac59411d55508225d66d21b07bc9bcf7
SHA512

67ca671bd277db1ab9a1a0a5903d80328ba358a458fb51185728bd5802323283a69bf2466faf8adb7ee57377a8a0bdc5f6657186f654549f08f91d6f3ec9b591
SSDEEP

768:gmc0Gx6Lw7QRqhC0XTK5wBoTCInpd9L9pFxbNQAwCmsxiX5KiI6n8xaO7xhqP:DzGkW82C2TUw+TCInpZQAwYxiXqa6x4

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

10.211.55.10:4444

Targets

- Target
  
  66fd34d63c9269d03c0cce26656ee1d94fc181fda5617900b7106c1603dc34d7.exe
- Size
  
  72KB
- MD5
  
  f3be4c9e11813932eacdf383d12c07d5
- SHA1
  
  7537a2464bf4bcb33137f8db5438452662ed3138
- SHA256
  
  66fd34d63c9269d03c0cce26656ee1d94fc181fda5617900b7106c1603dc34d7
- SHA512
  
  b0c316856bc4540137256eb52a381ee04deaf90ca5ae3f0357dfe6a9de22d8927b81190dc6fa87b03016e07397ef51ed751d3abd8662f67f357f550581f1660c
- SSDEEP
  
  1536:I0E0tSuyhNz/EnW1B1QAvtoMDsy/APMb+KR0Nc8QsJq39:VEMvyPLEq1QgWBy/APe0Nc8QsC9
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan