General

  • Target

    555ef79470ddd48be26d41437e93f077a8cce8598ae896a7b9931b1c998057ce

  • Size

    1KB

  • Sample

    220725-tp941adff5

  • MD5

    8960d653462d35e1f712e68eea91f00c

  • SHA1

    0f185e3a1dd0a8ad324ad7d9f1e2c459671d5205

  • SHA256

    555ef79470ddd48be26d41437e93f077a8cce8598ae896a7b9931b1c998057ce

  • SHA512

    064fc89879ae38d35d909fc412d95bc2b00b38d86928f753e9a7b7ebb4aebce2697ce98531987a8e388bcc96faa97d27ad5450840913b650b008575dc4124eb5

Score
10/10

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://47.52.204.241:80/2Ypa

Targets

    • Target

      test.ps1

    • Size

      2KB

    • MD5

      926e5a0589c28d9f9df27076309b69f1

    • SHA1

      f8a7a8376ed133b6875d4f008f49b1799b2cbe68

    • SHA256

      a1be8ab1061d8dfa7fc2b82e256971ee110695e776e493c96625935f9143aebd

    • SHA512

      7bdc74249e1aa22fd0ed69c7709926e7137d386d61e00c958e8f12ec060980b482a69813ce3557ddbce901ac886ff0e2b30b2ddedc7f79b6c5c73eab7ee677ea

    Score
    8/10
    • Blocklisted process makes network request
