metasploit | 53329cf65ee57bcde6de7e97c077174ada19a8cea82fbc152e4cce9115424f6f | Triage

Sharing

General

Target

ab.exe
Size

72KB
Sample

220803-g7ysgagac8
MD5

415fc1be896297c3c13b8ae8af296a5c
SHA1

5fd71d1eb01ad2e533d3bbc6add262ae5c229867
SHA256

53329cf65ee57bcde6de7e97c077174ada19a8cea82fbc152e4cce9115424f6f
SHA512

079872f3584c5902c5846762d9680233b49e89fc29301779a5ebbb3a506a8f22a113b15b77e1722bd5bc90a5478befed55195f65eb05e97dee5d5cb7422f1eef

Score

10^/10

metasploit

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://expresscrack.xyz:443/spotify.pdf.exe

Targets

- Target
  
  ab.exe
- Size
  
  72KB
- MD5
  
  415fc1be896297c3c13b8ae8af296a5c
- SHA1
  
  5fd71d1eb01ad2e533d3bbc6add262ae5c229867
- SHA256
  
  53329cf65ee57bcde6de7e97c077174ada19a8cea82fbc152e4cce9115424f6f
- SHA512
  
  079872f3584c5902c5846762d9680233b49e89fc29301779a5ebbb3a506a8f22a113b15b77e1722bd5bc90a5478befed55195f65eb05e97dee5d5cb7422f1eef
Score

8^/10
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2