metasploit | 20a01af06e17d1cce126b9d37ff62d95dee45a72a38310db43118913e5742f02 | Triage

Sharing

General

Target

20a01af06e17d1cce126b9d37ff62d95dee45a72a38310db43118913e5742f02
Size

575KB
Sample

250327-xw6lyawzgw
MD5

a397478690cc72d5fec49904d2ae626c
SHA1

5c60ab8ef078b866be9cbbe278ca4efda6c38f3f
SHA256

20a01af06e17d1cce126b9d37ff62d95dee45a72a38310db43118913e5742f02
SHA512

4e74986ab6f799717b76b8f39a1a7efbde38067b8449970ac51e6f06146dccab513cb4a1fa3ee96cda65eae4fe4c5b9ecbe659fb21951e96755602d2e2e4ee6f
SSDEEP

12288:BRcrK8T20otDfbH1nwk3Ta77Hp0fWAUmBMmylc9vYFLSqoCy:BF420otlTh9vYFLSqoCy

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://10.0.0.128:8899/OAxT

Attributes

headers User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0; NP06)

Targets

- Target
  
  20a01af06e17d1cce126b9d37ff62d95dee45a72a38310db43118913e5742f02
- Size
  
  575KB
- MD5
  
  a397478690cc72d5fec49904d2ae626c
- SHA1
  
  5c60ab8ef078b866be9cbbe278ca4efda6c38f3f
- SHA256
  
  20a01af06e17d1cce126b9d37ff62d95dee45a72a38310db43118913e5742f02
- SHA512
  
  4e74986ab6f799717b76b8f39a1a7efbde38067b8449970ac51e6f06146dccab513cb4a1fa3ee96cda65eae4fe4c5b9ecbe659fb21951e96755602d2e2e4ee6f
- SSDEEP
  
  12288:BRcrK8T20otDfbH1nwk3Ta77Hp0fWAUmBMmylc9vYFLSqoCy:BF420otlTh9vYFLSqoCy
Score

10^/10

metasploit backdoor trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

metasploitbackdoortrojan