metasploit | a053bbdad9e2f0628c1479b99df4e58a467f5ced1416b67c59f81eaa02a4c767 | Triage

Sharing

General

Target

a053bbdad9e2f0628c1479b99df4e58a467f5ced1416b67c59f81eaa02a4c767
Size

14KB
Sample

241227-ntjvqavkgt
MD5

401200ebc286f6c737757a5dd979c535
SHA1

7178cb1dd7c0ff74f159367b2109fd3732859f61
SHA256

a053bbdad9e2f0628c1479b99df4e58a467f5ced1416b67c59f81eaa02a4c767
SHA512

6c676260e0f96863cbd750abcab9f67a8013f01d69727eaae0d2fe8d95752a66f9402aab28ac54ce649303f47130b123de90cbc2b42525b014a32418de83a757
SSDEEP

192:H3mbPYCfMcrfOIuZmvKQxtzlSIVX6NOeB9ejDMN1:2MCfrfQ6tBSIwB9eUN1

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://192.168.1.4:80/5oEs

Attributes

headers User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; BOIE9;ESES)

Targets

- Target
  
  a053bbdad9e2f0628c1479b99df4e58a467f5ced1416b67c59f81eaa02a4c767
- Size
  
  14KB
- MD5
  
  401200ebc286f6c737757a5dd979c535
- SHA1
  
  7178cb1dd7c0ff74f159367b2109fd3732859f61
- SHA256
  
  a053bbdad9e2f0628c1479b99df4e58a467f5ced1416b67c59f81eaa02a4c767
- SHA512
  
  6c676260e0f96863cbd750abcab9f67a8013f01d69727eaae0d2fe8d95752a66f9402aab28ac54ce649303f47130b123de90cbc2b42525b014a32418de83a757
- SSDEEP
  
  192:H3mbPYCfMcrfOIuZmvKQxtzlSIVX6NOeB9ejDMN1:2MCfrfQ6tBSIwB9eUN1
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan