General

  • Target

    Backup.exe

  • Size

    72KB

  • Sample

    240115-ta1xsabfd2

  • MD5

    66672e223da6749b0356095dd58f4d6f

  • SHA1

    e8498c65acad5e4c3536cb2b0cddd65816ccaff5

  • SHA256

    53f757a69fd464d35d31c2eae9f9c556b9b4195e2ae6186767f19aa6abae053e

  • SHA512

    07b795929b563d987bc34759ba201eb330799319e44cd552aa6a504a26c25e40abdd0516ea39709eeae8fbd18cad0f12797674fbcb76c9cbf4ed75b346de69ef

  • SSDEEP

    1536:I0Y6RQch30uDEa5lMD134EQMb+KR0Nc8QsJq39:VTfp0uxvMh4he0Nc8QsC9

Malware Config

Extracted

Family

metasploit

Payload

windows/shell_reverse_tcp

C2

192.168.21.140:1337
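
The C2 above comes out of the stager's sockaddr_in set-up, which unencoded Metasploit reverse_tcp shellcode writes as immediates: on x86, a push of the IPv4 address in network byte order followed by a push of AF_INET and the big-endian port; on x64, both packed into one 64-bit mov into r14. The following extractor is an added example written for this report, not Triage's extractor or Metasploit code. The sample byte strings are constructed to carry the same 192.168.21.140:1337 configuration and are not bytes from Backup.exe; the x64 encoding is taken from the stock stager layout and treated here as an assumption.

```python
import ipaddress
import re
import socket
import struct
import sys
from typing import List, Tuple

# Constructed x86 fragment (not from Backup.exe): sockaddr_in set-up of a
# windows/shell_reverse_tcp stager between a block_api prologue and the
# push of the ws2_32!connect hash.
#   68 C0 A8 15 8C   push 0x8C15A8C0   ; 192.168.21.140, network byte order
#   68 02 00 05 39   push 0x39050002   ; AF_INET (2) + port 1337 (0x0539)
#   89 E6            mov  esi, esp
X86_SAMPLE = (
    b"\xfc\xe8\x82\x00\x00\x00\x60\x89\xe5\x31\xc0"
    + b"\x68\xc0\xa8\x15\x8c"
    + b"\x68\x02\x00\x05\x39"
    + b"\x89\xe6"
    + b"\x6a\x10\x56\x57\x68\x99\xa5\x74\x61"
)

# Constructed x64 fragment (assumed layout of the x64 stager): the whole
# sockaddr_in arrives in one immediate.
#   49 BE 02 00 05 39 C0 A8 15 8C   mov r14, 0x8C15A8C039050002
X64_SAMPLE = (
    b"\x48\x31\xc9\x48\x81\xe1\xf0\xff\xff\xff"
    + b"\x49\xbe\x02\x00\x05\x39\xc0\xa8\x15\x8c"
    + b"\x41\x56\x49\x89\xe6"
)

# push imm32 (IP) ; push imm32 (0x0002 family, then port bytes as written)
X86_PATTERN = re.compile(rb"\x68(?P<ip>.{4})\x68\x02\x00(?P<port>.{2})", re.DOTALL)
# mov r14, imm64 with AF_INET in the low word, then port, then IP
X64_PATTERN = re.compile(rb"\x49\xbe\x02\x00(?P<port>.{2})(?P<ip>.{4})", re.DOTALL)


def extract_c2(blob: bytes) -> List[Tuple[str, int, str]]:
    """Return (ip, port, arch) for every reverse_tcp sockaddr_in found."""
    hits = []
    for arch, pattern in (("x86", X86_PATTERN), ("x64", X64_PATTERN)):
        for m in pattern.finditer(blob):
            ip = socket.inet_ntoa(m.group("ip"))          # network byte order
            port = struct.unpack(">H", m.group("port"))[0]  # big-endian port
            hits.append((ip, port, arch))
    return hits


def is_private(ip: str) -> bool:
    """RFC 1918 / loopback C2s usually mean a lab or test build, not a live op."""
    return ipaddress.ip_address(ip).is_private


def summarise(blob: bytes) -> List[str]:
    """Human-readable lines in the same ip:port form the report uses."""
    return [
        f"{ip}:{port} ({arch}{', private range' if is_private(ip) else ''})"
        for ip, port, arch in extract_c2(blob)
    ]


if __name__ == "__main__":
    # Usage: python extract_reverse_tcp.py <file>   (defaults to the samples)
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:
            data = fh.read()
        blobs = [data]
    else:
        blobs = [X86_SAMPLE, X64_SAMPLE]
    for blob in blobs:
        for line in summarise(blob):
            print(line)
```

The patterns only fire on unencoded stagers; a payload run through an msfvenom encoder such as shikata_ga_nai carries these immediates only after its decoder stub has run, so for encoded builds the C2 has to be recovered from memory or from the sandbox's network capture, as Triage did here. A five-byte pattern can also match by chance in arbitrary data, so treat a hit as a lead to confirm rather than a verdict. The private 192.168.21.140 address recorded above is consistent with a test build pointed at a lab listener.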

Targets

    • Target

      Backup.exe

    • Size

      72KB

    • MD5

      66672e223da6749b0356095dd58f4d6f

    • SHA1

      e8498c65acad5e4c3536cb2b0cddd65816ccaff5

    • SHA256

      53f757a69fd464d35d31c2eae9f9c556b9b4195e2ae6186767f19aa6abae053e

    • SHA512

      07b795929b563d987bc34759ba201eb330799319e44cd552aa6a504a26c25e40abdd0516ea39709eeae8fbd18cad0f12797674fbcb76c9cbf4ed75b346de69ef

    • SSDEEP

      1536:I0Y6RQch30uDEa5lMD134EQMb+KR0Nc8QsJq39:VTfp0uxvMh4he0Nc8QsC9

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
