metasploit | 1da0ce0810952354a5e288a3dd6690338228933c5ff726d317c4748a4322e6dd | Triage

Submit
Reports

Overview

overview

Static

static

weJNgSX4.ps1

windows7-x64

8

weJNgSX4.ps1

windows10-2004-x64

8

Sharing

General

Target

weJNgSX4.posh
Size

3KB
Sample

220826-s3887aedel
MD5

1fec6fbbfaf055b9f9809e578c9c7d43
SHA1

9b360a23ed930cdaf1a22600fad13adf87a51fef
SHA256

1da0ce0810952354a5e288a3dd6690338228933c5ff726d317c4748a4322e6dd
SHA512

0505ee6f3d6d67367d78f378a11c79d2a325e420bb6fc9bd6912d1c7d7b946aeed3ed45b2d0f7f8c2ae5ce3ea78618c6c1ed237313e8a23f1aa7d940ce22e6ed

Score

10^/10

metasploit

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

weJNgSX4.ps1

Resource

win7-20220812-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

weJNgSX4.ps1

Resource

win10v2004-20220812-en

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

metasploit

Version

metasploit_stager

C2

82.2.66.222:4444

Targets

- Target
  
  weJNgSX4.posh
- Size
  
  3KB
- MD5
  
  1fec6fbbfaf055b9f9809e578c9c7d43
- SHA1
  
  9b360a23ed930cdaf1a22600fad13adf87a51fef
- SHA256
  
  1da0ce0810952354a5e288a3dd6690338228933c5ff726d317c4748a4322e6dd
- SHA512
  
  0505ee6f3d6d67367d78f378a11c79d2a325e420bb6fc9bd6912d1c7d7b946aeed3ed45b2d0f7f8c2ae5ce3ea78618c6c1ed237313e8a23f1aa7d940ce22e6ed
Score

8^/10
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy