metasploit | 72d542ee11636acbbdaf6abae9ce8b207e7cd76570fa566105ead448d764039a | Triage

Sharing

General

Target

72d542ee11636acbbdaf6abae9ce8b207e7cd76570fa566105ead448d764039a.exe
Size

72KB
Sample

201229-35bqthfvw2
MD5

bbb623f371e36ce830c63f57bdab7c42
SHA1

d87aef89930bc9b687790647781eecaabc08ecb8
SHA256

72d542ee11636acbbdaf6abae9ce8b207e7cd76570fa566105ead448d764039a
SHA512

6a2c0df98795556954f13d9ce4c7c177b9291781aeed7b219678025ab100b2bf8a82b27a021eb5a61868a8106ae2f7d7b3173958cd99dd54341d28b9fd0d3c68

Score

10^/10

metasploit

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp_dns

C2

https://thedonald.win:7728

Targets

- Target
  
  72d542ee11636acbbdaf6abae9ce8b207e7cd76570fa566105ead448d764039a.exe
- Size
  
  72KB
- MD5
  
  bbb623f371e36ce830c63f57bdab7c42
- SHA1
  
  d87aef89930bc9b687790647781eecaabc08ecb8
- SHA256
  
  72d542ee11636acbbdaf6abae9ce8b207e7cd76570fa566105ead448d764039a
- SHA512
  
  6a2c0df98795556954f13d9ce4c7c177b9291781aeed7b219678025ab100b2bf8a82b27a021eb5a61868a8106ae2f7d7b3173958cd99dd54341d28b9fd0d3c68
Score

10^/10
- Suspicious use of NtCreateProcessExOtherParentProcess
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2