metasploit | 76eca1ca8ec03a7138dd0f68c7d0af6f642d7f31bf3905e6446a76e732f511f4 | Triage

Sharing

General

Target

76eca1ca8ec03a7138dd0f68c7d0af6f642d7f31bf3905e6446a76e732f511f4.zip
Size

43KB
Sample

250326-pbnavs1yhz
MD5

9d587913a57e131f883e386ca0533344
SHA1

0d656422b266a55ef05f68dce1b3b461d791c56c
SHA256

76eca1ca8ec03a7138dd0f68c7d0af6f642d7f31bf3905e6446a76e732f511f4
SHA512

e7f17228fbd23dd32a7e3025fbcba48296a6e02e743c9d3089cf75d461c179118fbe8d294bfaa32132b9df7804669e96337ecac5387de69177f7c7cecc554620
SSDEEP

768:ZYvapdxcvZOsP/MitIJRhEQIpNAjfLzIX/Sj6vCBq+me2kUVH6+Rw/RMYhxnu4YS:Kv2UhP/Mitx+vzT6vC8+meRUd6wwu+GS

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

192.168.1.12:4455

Targets

- Target
  
  eda7de543b8702f222066978cc5c67a97aaeab52ccc0d85f79265f2326cc3b48.exe
- Size
  
  72KB
- MD5
  
  3f50069fedd251d2eef51703b05b4a86
- SHA1
  
  eb54f786a8be9e48bb442150c5db81dec1345829
- SHA256
  
  eda7de543b8702f222066978cc5c67a97aaeab52ccc0d85f79265f2326cc3b48
- SHA512
  
  8192fe5a1a8a1be3c82187fc86cf40e89371776d7bfc84a039603d3d667ceb699efb4d5ec60999aa943be7db3d93b67ce68e9d666edb2a54701e79d5114a22a5
- SSDEEP
  
  1536:I8yFGkzANrabd9BGPiNDtBCDMb+KR0Nc8QsJq39:RWGkzAsbtGPi/Qe0Nc8QsC9
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan