General

  • Target

    304a28d5e9010331c8f183b5932d0420410cf5e749f84cdd02d9992abd397285

  • Size

    59KB

  • Sample

    230521-z7phxace34

  • MD5

    85c93cc5259ec43aab31b1505292ba4c

  • SHA1

    ac94bac5207360991be8ace9f926fbe1cf68e3c9

  • SHA256

    304a28d5e9010331c8f183b5932d0420410cf5e749f84cdd02d9992abd397285

  • SHA512

    ce5155ef6baff442faebfbbd22837f15b4ad6b3b752fa1db249d1de3b578b5c4113620b7ff2241d3e63150f4d8cbe110a9681b89046fd077c7aee7428693cdd3

  • SSDEEP

    1536:TLcUj5PyUY5UWHjwKvkbLXx2gJoteRWglkUsh:TQUF6UY5FjlvW9LpQMZsh

Malware Config

Extracted

  • Family

    metasploit

  • Version

    windows/reverse_tcp

  • C2

    172.104.56.177:1337

Targets

    • Target

      form.pdf

    • Size

      72KB

    • MD5

      5f00d238716e3f337786f4355b2b9787

    • SHA1

      13e6c20b4814e78cf8c62b425ba9441549b6a77f

    • SHA256

      32418b564d5e2b353a8318de475b13ef58d3a6400d33a4d9ecdf93f29166f234

    • SHA512

      a3d6eb6d35b424df9c953c053d5a791cdcf39539de7f80678b898f1b27acbdf34c0ad16c07e24409db07fe29c2b98e0928c036ead2dbfe77d7581e5b6cd3f532

    • SSDEEP

      1536:Ix3MvR7pgILAIxNsdoLut/jaIFLxBMb+KR0Nc8QsJq39:kCvAxdoCtGgje0Nc8QsC9

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
