metasploit | aaebe94f90f33e30b24bbce26899e6c5d6dfb63abd91d32e45d42abc5933755a | Triage

Submit
Reports

Overview

overview

Static

static

1

nDqOiSmU.vbs

windows7-x64

nDqOiSmU.vbs

windows10-2004-x64

Sharing

General

Target

nDqOiSmU.vbs
Size

10KB
Sample

240630-p7b8ga1fml
MD5

161b4e988b395a2942c84f127f36a274
SHA1

2d43c412b6939557de9770944eae7bd87c9dc363
SHA256

aaebe94f90f33e30b24bbce26899e6c5d6dfb63abd91d32e45d42abc5933755a
SHA512

dec2fba3fc3ebe45dac3fe80921eaae39044efa5ba37ee19d8838c5eaab2c779ddda57c58df77b44eace700c902eac440f0cf64158ab2bf54c26cdf044e8bc48
SSDEEP

48:ZHG0n6qtcQaryowcGDDuJ22GZSo2ke5ETurr5WeXDatEAc7Aum:Y2KryowcGDDuJ23Te5ETusemQXm

Score

10^/10

metasploit backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

nDqOiSmU.vbs

Resource

win7-20240508-en

metasploit backdoor trojan

windows7-x64

5 signatures

300 seconds

Behavioral task

behavioral2

Sample

nDqOiSmU.vbs

Resource

win10v2004-20240611-en

metasploit backdoor trojan

windows10-2004-x64

5 signatures

300 seconds

Malware Config

Extracted

Family

metasploit

Version

metasploit_stager

C2

51.75.140.195:4444

Targets

- Target
  
  nDqOiSmU.vbs
- Size
  
  10KB
- MD5
  
  161b4e988b395a2942c84f127f36a274
- SHA1
  
  2d43c412b6939557de9770944eae7bd87c9dc363
- SHA256
  
  aaebe94f90f33e30b24bbce26899e6c5d6dfb63abd91d32e45d42abc5933755a
- SHA512
  
  dec2fba3fc3ebe45dac3fe80921eaae39044efa5ba37ee19d8838c5eaab2c779ddda57c58df77b44eace700c902eac440f0cf64158ab2bf54c26cdf044e8bc48
- SSDEEP
  
  48:ZHG0n6qtcQaryowcGDDuJ22GZSo2ke5ETurr5WeXDatEAc7Aum:Y2KryowcGDDuJ23Te5ETusemQXm
Score

10^/10

metasploit backdoor trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

metasploitbackdoortrojan

© 2018-2024

Terms | Privacy