General

  • Target

    a9f7f8eeac7df0aeeefcdc4cfb85c905.exe

  • Size

    279KB

  • Sample

    240107-x3gw6acdak

  • MD5

    a9f7f8eeac7df0aeeefcdc4cfb85c905

  • SHA1

    f665ce21aea7895ee3230514e78aeca05caadbb2

  • SHA256

    aad7f4fce92c090fef2eb6b63ceaf68ad170fa7aafc87e3c4e333f7e72c80178

  • SHA512

    026d3880c100d08bf3a84324d8d40918916a7b122502a55490b1a32cdf0868ed995cbf0825a9cb5b416025525afeb4a3ad00d991b7e58594c8558ebcb95be8a5

  • SSDEEP

    3072:25wLR7Szb178Mov1oMolktC/TQyJ7UwfddZmrkZcNEtu+cRw24io:GwFAhCSjG4/Fmrk1K4io

Malware Config

  • Extracted

    Family: metasploit
    Version: encoder/shikata_ga_nai

  • Extracted

    Family: metasploit
    Version: windows/reverse_tcp
    C2: 198.167.219.9:443

Targets

    • Target

      a9f7f8eeac7df0aeeefcdc4cfb85c905.exe

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
