metasploit | f9b16d85ae8aeb6220cc58612eb5ff486efd5f6bc8f2edc4dcb6b845b4eaa5ab | Triage

Sharing

General

Target

f9b16d85ae8aeb6220cc58612eb5ff486efd5f6bc8f2edc4dcb6b845b4eaa5ab
Size

7KB
Sample

250328-fwgjdassfz
MD5

34f61497e390383d71893b56ead2765f
SHA1

926752575716b5b70db9198ea33cf4cb03149b30
SHA256

f9b16d85ae8aeb6220cc58612eb5ff486efd5f6bc8f2edc4dcb6b845b4eaa5ab
SHA512

b155adc44aa86f6317065ac221d3aef1511d41f002c452e884ecf8e5c3fdcdb80a710d3e1c909124106542d466bee16188c08c64374db19ea6b6d6e189618aa3
SSDEEP

192:QLXrzGccwKXB2XqXtfdZhsGI0JY04nDJEg:CXrtcwKx2Xq9fdcGI0J7iDJEg

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://192.168.30.152:80/ceHL

Attributes

headers User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; NP07; NP07)

Targets

- Target
  
  f9b16d85ae8aeb6220cc58612eb5ff486efd5f6bc8f2edc4dcb6b845b4eaa5ab
- Size
  
  7KB
- MD5
  
  34f61497e390383d71893b56ead2765f
- SHA1
  
  926752575716b5b70db9198ea33cf4cb03149b30
- SHA256
  
  f9b16d85ae8aeb6220cc58612eb5ff486efd5f6bc8f2edc4dcb6b845b4eaa5ab
- SHA512
  
  b155adc44aa86f6317065ac221d3aef1511d41f002c452e884ecf8e5c3fdcdb80a710d3e1c909124106542d466bee16188c08c64374db19ea6b6d6e189618aa3
- SSDEEP
  
  192:QLXrzGccwKXB2XqXtfdZhsGI0JY04nDJEg:CXrtcwKx2Xq9fdcGI0J7iDJEg
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan