General

  • Target

    Test.exe

  • Size

    72KB

  • Sample

    240120-2y1kxsaeg6

  • MD5

    ea7112f32f5a6813bc0ced10fe0b8d8b

  • SHA1

    4c2d1e1069d9a2f893d9dcb8c4cac107dae6badd

  • SHA256

    c1147649449132d12aeed7177bfcc49ec383bd392932436f89a76fda433b87bc

  • SHA512

    c81be8f4cd138c9f433024e5d493e76ae57c5c260a4bcc7da408021edbd7a7fdf70b9ecdae53fbccfe64ded59c16d2bee0d9f78f4635e1faa4d254e7c5273063

  • SSDEEP

    1536:I8CAcB59LmdgC+q//pGnjpCfEM1gCvMb+KR0Nc8QsJq39:5wBTm+PSRQp4t1nve0Nc8QsC9

Malware Config

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

192.168.232.129:4444

Targets

    • Target

      Test.exe

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
