metasploit | d62e44a99414b5864671d04a08f86a5eb811bed0ffb6977e5a4872782f6fb685 | Triage

Sharing

General

Target

msf1M.ps1
Size

1.0MB
Sample

250328-jhp55stshx
MD5

76739f936182b41ff253260f4cc89bf1
SHA1

7b1c4e436b0f9c2baee13dc578ab3f2d5c23865a
SHA256

d62e44a99414b5864671d04a08f86a5eb811bed0ffb6977e5a4872782f6fb685
SHA512

4c1049125fadc400833b26319f8ba767ded9bcfb781f9264341953135ba3d1933bb9a636a2a9e0c35e408353dfc45aed9be320c72c0107d352c8bae4fdf7212b
SSDEEP

48:q+MThimb7RBARAbLPorNfAse3+soGoNeVBXTSbS4:BGTXA0PohfXBGoCJ+z

Score

10^/10

metasploit backdoor execution trojan

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

10.254.66.59:8888

Targets

- Target
  
  msf1M.ps1
- Size
  
  1.0MB
- MD5
  
  76739f936182b41ff253260f4cc89bf1
- SHA1
  
  7b1c4e436b0f9c2baee13dc578ab3f2d5c23865a
- SHA256
  
  d62e44a99414b5864671d04a08f86a5eb811bed0ffb6977e5a4872782f6fb685
- SHA512
  
  4c1049125fadc400833b26319f8ba767ded9bcfb781f9264341953135ba3d1933bb9a636a2a9e0c35e408353dfc45aed9be320c72c0107d352c8bae4fdf7212b
- SSDEEP
  
  48:q+MThimb7RBARAbLPorNfAse3+soGoNeVBXTSbS4:BGTXA0PohfXBGoCJ+z
Score

10^/10

metasploit backdoor execution trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoorexecutiontrojan

behavioral2

metasploitbackdoorexecutiontrojan