metasploit | 2d3538b68e1ae29ca4860e72a3767e51392c6ea40c6fac5b3da6479b5aef7aba | Triage

Sharing

General

Target

2d3538b68e1ae29ca4860e72a3767e51392c6ea40c6fac5b3da6479b5aef7aba
Size

129KB
Sample

220614-yx578sfca5
MD5

421b7fe098088b35d608b50e8043ca60
SHA1

2590909f1994a900b73dea9ed928ac7cec792ead
SHA256

2d3538b68e1ae29ca4860e72a3767e51392c6ea40c6fac5b3da6479b5aef7aba
SHA512

df665e8b68e0ee873b6bd9ce240295a1ba867afb903823791c24339ad0a813e4b511453a4f7373c0f4652a17592e9fd2e0375b8189b498fefa9440494990ab1d

Score

10^/10

metasploit

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

24.9.12.117:53

Targets

- Target
  
  2d3538b68e1ae29ca4860e72a3767e51392c6ea40c6fac5b3da6479b5aef7aba
- Size
  
  129KB
- MD5
  
  421b7fe098088b35d608b50e8043ca60
- SHA1
  
  2590909f1994a900b73dea9ed928ac7cec792ead
- SHA256
  
  2d3538b68e1ae29ca4860e72a3767e51392c6ea40c6fac5b3da6479b5aef7aba
- SHA512
  
  df665e8b68e0ee873b6bd9ce240295a1ba867afb903823791c24339ad0a813e4b511453a4f7373c0f4652a17592e9fd2e0375b8189b498fefa9440494990ab1d
Score

7^/10
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2