metasploit | a08cd6a7c9e1555aeb12802a202727a43d5ce1a582b700f61be2637251a83ef7 | Triage

Submit
Reports

Overview

overview

Static

static

1

a08cd6a7c9...7.docm

windows7-x64

a08cd6a7c9...7.docm

windows10-2004-x64

7

Sharing

General

Target

a08cd6a7c9e1555aeb12802a202727a43d5ce1a582b700f61be2637251a83ef7
Size

83KB
Sample

240629-1aykzswglg
MD5

26dd4984304aa5dcb88637897f25fc11
SHA1

56fbdee77d4e75a68782c5ba82a908e7447f4c4b
SHA256

a08cd6a7c9e1555aeb12802a202727a43d5ce1a582b700f61be2637251a83ef7
SHA512

8e11a7db3a0e579ed9edcb9f43a228a05fd87efa37cb59511f5c246dc4809f16a75d40f733ff6760e1651a26501f90ddfecee76fb8ba6ac97bd17a398d83587e
SSDEEP

1536:gp+WqQuctgdKmZDj0gA/SpozBiIbusV/kaCZczqm/UqENyciWOXCls:K+X8YJXd2SpozBDu8/k2em8/8crOCC

Score

10^/10

metasploit backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

a08cd6a7c9e1555aeb12802a202727a43d5ce1a582b700f61be2637251a83ef7.docm

Resource

win7-20240221-en

metasploit backdoor trojan

windows7-x64

10 signatures

60 seconds

Behavioral task

behavioral2

Sample

a08cd6a7c9e1555aeb12802a202727a43d5ce1a582b700f61be2637251a83ef7.docm

Resource

win10v2004-20240508-en

windows10-2004-x64

6 signatures

60 seconds

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

10.127.245.33:1234

Targets

- Target
  
  a08cd6a7c9e1555aeb12802a202727a43d5ce1a582b700f61be2637251a83ef7
- Size
  
  83KB
- MD5
  
  26dd4984304aa5dcb88637897f25fc11
- SHA1
  
  56fbdee77d4e75a68782c5ba82a908e7447f4c4b
- SHA256
  
  a08cd6a7c9e1555aeb12802a202727a43d5ce1a582b700f61be2637251a83ef7
- SHA512
  
  8e11a7db3a0e579ed9edcb9f43a228a05fd87efa37cb59511f5c246dc4809f16a75d40f733ff6760e1651a26501f90ddfecee76fb8ba6ac97bd17a398d83587e
- SSDEEP
  
  1536:gp+WqQuctgdKmZDj0gA/SpozBiIbusV/kaCZczqm/UqENyciWOXCls:K+X8YJXd2SpozBDu8/k2em8/8crOCC
Score

10^/10

metasploit backdoor trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

© 2018-2024

Terms | Privacy