metasploit | c3579c8d457509c6fbb754d9daadf23bce8e984edf531e16d896827afd500a38 | Triage

Sharing

General

Target

Anydesk1.exe
Size

5.4MB
Sample

250330-hcypnatrv9
MD5

bdb8078d2259dc756393b1a4c0f4802b
SHA1

12ab6f40c40876e59a022b773f83f3d0276fb7e1
SHA256

c3579c8d457509c6fbb754d9daadf23bce8e984edf531e16d896827afd500a38
SHA512

5ae59d1ddc7d00dbe4cc691f98033e02181b64b7d1a9d68538edd91365a02e56dae2965d528d34d0ecc21b817f6ccf507409ef02629c5b3c72ef8589f9bd3c6a
SSDEEP

98304:ZtfdKXgOYVH8h0VHoz7NnXettSBlQL7A6C4T2tkrgnZyjJevostUe6x0X:nE3zh0VK7levLL7nCQ2tCKue6x0X

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

4.188.72.122:8080

Targets

- Target
  
  Anydesk1.exe
- Size
  
  5.4MB
- MD5
  
  bdb8078d2259dc756393b1a4c0f4802b
- SHA1
  
  12ab6f40c40876e59a022b773f83f3d0276fb7e1
- SHA256
  
  c3579c8d457509c6fbb754d9daadf23bce8e984edf531e16d896827afd500a38
- SHA512
  
  5ae59d1ddc7d00dbe4cc691f98033e02181b64b7d1a9d68538edd91365a02e56dae2965d528d34d0ecc21b817f6ccf507409ef02629c5b3c72ef8589f9bd3c6a
- SSDEEP
  
  98304:ZtfdKXgOYVH8h0VHoz7NnXettSBlQL7A6C4T2tkrgnZyjJevostUe6x0X:nE3zh0VK7levLL7nCQ2tCKue6x0X
Score

10^/10

metasploit backdoor trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

metasploitbackdoortrojan