General

  • Target

    PuTTY.exe

  • Size

    1.4MB

  • Sample

    240115-w5175sdhe2

  • MD5

    6b99e07b50a94776c2b4a22e4abb993d

  • SHA1

    ca0082da4b86c40260d21a28297100bfae584064

  • SHA256

    4b94270d77479578ce5d88659bc8e76024c8456578392a341971fbe006e01963

  • SHA512

    7e270dd975d0381dd68c3aa46b21b74e312fc95a1cd590375f5a7b552d1387a171af871c9f8860dcc0a5e377764e205845a584ba01890f2f1787b47f9cfa50ec

  • SSDEEP

    24576:r14iA3zopo5mvLsBTQVNaGVQ/ZUpPS2CJDWQeC6WgQhTt8NsIH73yVpZItiaOt+:GEjEsOUwngQhTilWFI2t

Malware Config

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

20.197.10.91:9091

Targets

    • Target

      PuTTY.exe

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
