ioc[.]one - OSINT Cyber Threat Intelligence Database

THM Metasploit Meterpreter

Tags

attack-pattern:

Credentials - T1589.001 Dcsync - T1003.006 Exploits - T1587.004 Exploits - T1588.005 Lsa Secrets - T1003.004 Python - T1059.006 Security Account Manager - T1003.002 Server - T1583.004 Server - T1584.004 Software - T1592.002 Timestomp - T1070.006 Tool - T1588.002 Scripting - T1064 Timestomp - T1099 Scripting

Show in Graph

Common Information

Type	Value
UUID	004895a8-7fc0-4256-a8cf-2540ea8b8965
Fingerprint	799ebdf365af2cd5
Analysis status	DONE
Considered CTI value	2
Text language
Published	Sept. 13, 2024, 9:44 a.m.
Added to db	Sept. 13, 2024, 12:43 p.m.
Last updated	Nov. 17, 2024, 6:55 p.m.
Headline	THM Metasploit Meterpreter
Title	THM Metasploit Meterpreter
Detected Hints/Tags/Attributes	76/1/143

Source URLs

	Redirection	Url
Details	Source	https://medium.com/@meg_the_hack/thm-metasploit-meterpreter-459dff7a6155?source=rss------cybersecurity-5

URL Provider

Details	Provider	Source level domain
Details	medium.com	medium.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	167	✔	Cybersecurity on Medium	https://medium.com/feed/tag/cybersecurity	2024-08-30 22:08

Attributes

Details	Type	#Events	Value
Details	Domain	9	www.tryhackme.com
Details	Domain	8	gentilkiwi.com
Details	Domain	16	blog.gentilkiwi.com
Details	Domain	1174	gmail.com
Details	Domain	2	pingcastle.com
Details	Domain	2	mysmartlogon.com
Details	Email	5	benjamin@gentilkiwi.com
Details	Email	1	vincent.letoux@gmail.com
Details	File	2	meterpreter.exe
Details	File	131	spoolsv.exe
Details	File	18	logonui.exe
Details	File	5	c:\windows\system32\logonui.exe
Details	File	119	smss.exe
Details	File	1122	svchost.exe
Details	File	165	csrss.exe
Details	File	9	c:\windows\system32\csrss.exe
Details	File	89	wininit.exe
Details	File	6	c:\windows\system32\wininit.exe
Details	File	212	winlogon.exe
Details	File	11	c:\windows\system32\winlogon.exe
Details	File	306	services.exe
Details	File	23	c:\windows\system32\services.exe
Details	File	21	sppsvc.exe
Details	File	478	lsass.exe
Details	File	29	c:\windows\system32\lsass.exe
Details	File	2125	cmd.exe
Details	File	409	c:\windows\system32\cmd.exe
Details	File	8	c:\windows\system32\spoolsv.exe
Details	File	137	conhost.exe
Details	File	20	c:\windows\system32\conhost.exe
Details	File	1	meterpreter.dll
Details	File	533	ntdll.dll
Details	File	748	kernel32.dll
Details	File	82	kernelbase.dll
Details	File	80	msvcrt.dll
Details	File	16	sechost.dll
Details	File	41	rpcrt4.dll
Details	File	291	user32.dll
Details	File	76	gdi32.dll
Details	File	7	lpk.dll
Details	File	9	usp10.dll
Details	File	9	powrprof.dll
Details	File	14	setupapi.dll
Details	File	7	cfgmgr32.dll
Details	File	229	advapi32.dll
Details	File	47	oleaut32.dll
Details	File	86	ole32.dll
Details	File	7	devobj.dll
Details	File	37	dnsapi.dll
Details	File	130	ws2_32.dll
Details	File	6	nsi.dll
Details	File	16	imm32.dll
Details	File	9	msctf.dll
Details	File	40	cryptbase.dll
Details	File	9	slc.dll
Details	File	4	rpcrtremote.dll
Details	File	39	secur32.dll
Details	File	20	sspicli.dll
Details	File	2	credssp.dll
Details	File	53	iphlpapi.dll
Details	File	6	winnsi.dll
Details	File	15	mswsock.dll
Details	File	4	wshtcpip.dll
Details	File	2	wship6.dll
Details	File	8	rasadhlp.dll
Details	File	6	fwpuclnt.dll
Details	File	8	clbcatq.dll
Details	File	1	umb.dll
Details	File	4	atl.dll
Details	File	19	wintrust.dll
Details	File	83	crypt32.dll
Details	File	8	msasn1.dll
Details	File	5	localspl.dll
Details	File	1	spoolss.dll
Details	File	4	srvcli.dll
Details	File	19	winspool.drv
Details	File	1	printisolationproxy.dll
Details	File	1	fxsmon.dll
Details	File	1	tcpmon.dll
Details	File	2	snmpapi.dll
Details	File	1	wsnmp32.dll
Details	File	5	msxml6.dll
Details	File	69	shlwapi.dll
Details	File	2	usbmon.dll
Details	File	1	wls0wndh.dll
Details	File	1	wsdmon.dll
Details	File	2	wsdapi.dll
Details	File	13	webservices.dll
Details	File	8	firewallapi.dll
Details	File	89	version.dll
Details	File	1	fundisc.dll
Details	File	1	fdpnp.dll
Details	File	2	winprint.dll
Details	File	37	userenv.dll
Details	File	13	profapi.dll
Details	File	3	gpapi.dll
Details	File	7	dsrole.dll
Details	File	2	win32spl.dll
Details	File	1	inetpp.dll
Details	File	3	devrtl.dll
Details	File	3	spinf.dll
Details	File	25	cryptsp.dll
Details	File	12	rsaenh.dll
Details	File	11	winsta.dll
Details	File	4	cscapi.dll
Details	File	12	netutils.dll
Details	File	146	wininet.dll
Details	File	50	urlmon.dll
Details	File	16	iertutil.dll
Details	File	34	winhttp.dll
Details	File	6	webio.dll
Details	File	185	shell32.dll
Details	File	45	mpr.dll
Details	File	59	netapi32.dll
Details	File	5	wkscli.dll
Details	File	34	psapi.dll
Details	File	39	winmm.dll
Details	File	5	dhcpcsvc6.dll
Details	File	6	dhcpcsvc.dll
Details	File	22	apphelp.dll
Details	File	6	nlaapi.dll
Details	File	3	napinsp.dll
Details	File	3	pnrpnsp.dll
Details	File	5	winrnr.dll
Details	File	31	lsm.exe
Details	File	3	c:\windows\system32\lsm.exe
Details	File	142	wmiprvse.exe
Details	File	28	word.exe
Details	File	380	notepad.exe
Details	File	11	flag2.txt
Details	File	2	c:\windows\system32\config\flag2.txt
Details	File	3	secrets.txt
Details	File	1	realsecret.txt
Details	File	1	c:\inetpub\wwwroot\realsecret.txt
Details	md5	33	aad3b435b51404eeaad3b435b51404ee
Details	md5	19	31d6cfe0d16ae931b73c59d7e0c089c0
Details	md5	3	ffb43f0de35be4d9917ac0cc8ad57f8d
Details	md5	1	69596c7aa1e8daee17f8e78870e25a5c
Details	Url	1	https://www.tryhackme.com/jr/metasploitintro
Details	Url	1	https://www.tryhackme.com/jr/metasploitexploitation
Details	Url	8	http://blog.gentilkiwi.com/mimikatz
Details	Url	1	http://pingcastle.com
Details	Url	1	http://mysmartlogon.com