metasploit | 09bfa448e4bbea8fe36be6962b963cfadf764593e03b314c9ce81f9b2cff1349 | Triage

Sharing

General

Target

mnuj9mvxg.dll
Size

71KB
Sample

220622-m1skrsfeg3
MD5

7071a9e9744e0ed2682a228e802d0281
SHA1

fba39f452aafbcba9a7917bf78029d7be66ce7c8
SHA256

09bfa448e4bbea8fe36be6962b963cfadf764593e03b314c9ce81f9b2cff1349
SHA512

7c0e3d496157329b0cb2f1794b6c1bdd574d33293cf3fffa4281230eabe9299344d21a3487186af910b4327ec7c59831a0efafc19389c7dfc8e0554b013b8371

Score

10^/10

metasploit

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://212.192.241.155:8080/ROlO

Attributes

headers User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; BOIE9;ENIN)

Targets

- Target
  
  mnuj9mvxg.dll
- Size
  
  71KB
- MD5
  
  7071a9e9744e0ed2682a228e802d0281
- SHA1
  
  fba39f452aafbcba9a7917bf78029d7be66ce7c8
- SHA256
  
  09bfa448e4bbea8fe36be6962b963cfadf764593e03b314c9ce81f9b2cff1349
- SHA512
  
  7c0e3d496157329b0cb2f1794b6c1bdd574d33293cf3fffa4281230eabe9299344d21a3487186af910b4327ec7c59831a0efafc19389c7dfc8e0554b013b8371
Score

8^/10
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2