Overview

overview

10

Static

static

1

msf.docm

windows7-x64

10

msf.docm

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    msf.docm

  • Size

    83KB

  • Sample

    241231-njb25azqfk

  • MD5

    24fa322381a5fe289d5387282df09cb1

  • SHA1

    c3141ff88b31a80cf9d494fa6bf93ec45091d3ca

  • SHA256

    9e3c9b918dfd2e9a183c8c3c83ff0af441a4e7085a588afe7a606e9a46d83d9b

  • SHA512

    bda58431b60b5ba773e77defee6ebd85c8ac82e1af1015e5581686189e2c3595412d9bc8232f9ea3714246f5098295d52d60085f60e3f70fc64dcb9504d95cca

  • SSDEEP

    1536:Mb+WqQuctgdomXh9Qi4SA2/KBHlSL+Bee/2wOlqqsB0sRvziEOXClx:U+X8YF3ISA2/SHlJ2wOlqqsLptOCX

Score
10/10
metasploitbackdoordiscoverytrojan

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://github.com:443/pbatard/rufus/releases/download/v4.6/rufus-4.6.exe

Targets

    • Target

      msf.docm

    • Size

      83KB

    • MD5

      24fa322381a5fe289d5387282df09cb1

    • SHA1

      c3141ff88b31a80cf9d494fa6bf93ec45091d3ca

    • SHA256

      9e3c9b918dfd2e9a183c8c3c83ff0af441a4e7085a588afe7a606e9a46d83d9b

    • SHA512

      bda58431b60b5ba773e77defee6ebd85c8ac82e1af1015e5581686189e2c3595412d9bc8232f9ea3714246f5098295d52d60085f60e3f70fc64dcb9504d95cca

    • SSDEEP

      1536:Mb+WqQuctgdomXh9Qi4SA2/KBHlSL+Bee/2wOlqqsB0sRvziEOXClx:U+X8YF3ISA2/SHlJ2wOlqqsLptOCX

    Score
    10/10
    metasploitbackdoordiscoverytrojan

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

      trojanbackdoormetasploit

    • Metasploit family

      metasploit

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks