General

  • Target: 5da7b5a6d79339bb86ba48ed019b947e
  • Size: 52KB
  • Sample: 240115-vx1qzachf3
  • MD5: 5da7b5a6d79339bb86ba48ed019b947e
  • SHA1: 60a21e7e72b414578f67cd35147e6711fa0e2b26
  • SHA256: c0f35e299a01580aaf99f6210962689e8aa7b72a90eb1de3cf5ea787abeb8284
  • SHA512: 800eec77e7b298999580eb0c73ede4c4a0e01cfed551c4533dd9e0dc477ff3e5628a0ebad02a3575b39d24b0cbc509d2701a56befe1e763fa925b721905c8cb7
  • SSDEEP: 1536:8d73zrKfH7uzgsEO6VtnpPOTjoGxOvoHh2RVx:XX1bVJpPOTjoGxOgHh2R

Malware Config

Extracted

  • Family: metasploit
  • Version: encoder/call4_dword_xor

Targets


    • MetaSploit: Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Adds policy Run key to start application

    • Executes dropped EXE

    • Adds Run key to start application

MITRE ATT&CK Enterprise v15

Tasks