General

Target: c5016e158f61adb1d9fd0e452c72416e27d2374cccbfb6013d8618e682ac82f2
Size: 409KB
Sample: 220630-wrfdhsfcfp
Score: 10/10
MD5: 81975bc07440316797677712b7c31194
SHA1: fcfd743b839a318d46f58ac5eebbc4290c6cad49
SHA256: c5016e158f61adb1d9fd0e452c72416e27d2374cccbfb6013d8618e682ac82f2
SHA512: 3a0e6cebb3c6124c89615fecda68f2ccbcb9d3077364f4afeddeea30f069c79a25a673458f6c63d7e19e66e5f1e2c0654390b2edaa028bd47130b663918307a5

Malware Config

Extracted
Family: metasploit
Version: encoder/shikata_ga_nai

Extracted
Family: metasploit
Version: windows/reverse_tcp
C2: 192.168.1.101:8080

Targets
Signatures

  • MetaSploit
    Description: Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

  • UPX packed file
    Description: Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tactic columns: Collection, Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation

Tasks

static1: Score 8/10
behavioral1: Score 10/10
behavioral2: Score 10/10