General

  • Target

    5cb1daeb27464d9270338d0f406053c0

  • Size

    106KB

  • Sample

    240115-k9nbasebf5

  • MD5

    5cb1daeb27464d9270338d0f406053c0

  • SHA1

    e4ce9e7001387c9667302a7107b8742a95151a4d

  • SHA256

    6daabb15488f40dee729de78c9435dd5721cce9ffd19849d468e2c1e85ffaddb

  • SHA512

    79011d62cfc5801feb06b4fc1addf943bfc0685c8020bd9d4f454cf558722db2b1059c053bc50c64102b0662c65f8cabe61392645b1ecebc381b961d6ef9991b

  • SSDEEP

    1536:kSwQYb7TpU6Y9SRVbXC0PPJOtAVhbqNyTsW7qd09dlDvTBWWOuGIV5b:kSwtbHpNY9UVDvHJOtAXbagwMJvFIIP

Malware Config

Extracted

  • Family

    metasploit

  • Version

    windows/reverse_tcp

  • C2

    13.237.195.31:8443

Targets

    • Target

      5cb1daeb27464d9270338d0f406053c0

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Blocklisted process makes network request
