General

  • Target

    c1079f06bbd48cbe52b3594e1926d717715764f7a55886966a8d41df2a5b2f7a.zip

  • Size

    57KB

  • Sample

    250327-fx5mlazms4

  • MD5

    b3f4ee1e20cd559684e09fbfe6079ebe

  • SHA1

    78e296bd53287e5d7db87b83557aff25c79c9325

  • SHA256

    c1079f06bbd48cbe52b3594e1926d717715764f7a55886966a8d41df2a5b2f7a

  • SHA512

    0475f751f8e4ca9749d821aa4a89d57ff98f3b76e05d29f79eb4d0ee4acecab252627d2f4f81d324f4bf3cec82b682ea4fb80a712ff4bf95feb2107e5b636d71

  • SSDEEP

    1536:TwPeLyimn4ttmhJbb8Hi3nt+VwaSwiWMjg4cvB:E2LTmn0tSwHYngVw/wujg4cvB

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://162.14.110.99:54333/AtcD

Attributes

  • headers

    User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0; BOIE9;ENUS)

Targets

    • Target

      910f08368c08b139a951918b47ac7e0a23ca8f461bb319538ad17916819255bf.exe

    • Size

      101KB

    • MD5

      acd127570e0b879782b2419590e51efe

    • SHA1

      d73f0445d15d05d5702b920a0e78b1cf4fb80003

    • SHA256

      910f08368c08b139a951918b47ac7e0a23ca8f461bb319538ad17916819255bf

    • SHA512

      62ddfe1ef1328c6c6b5109d8adb0965c8fa8570c2f491723f6db0c47703b4a59ba8bb47125d779276fc22eef67908349e198f4e160174fb3d18d7d79316e54f2

    • SSDEEP

      3072:NcvEtWJiOhjSfQepzDy6LFyw5Er9iv4woOY86QN4m:ekoOieor9MB

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Metasploit family

MITRE ATT&CK Enterprise v15

Tasks