General

  • Target

    89bc5e0b5f8e01b563b98bb1fb845f90b395a53e13f32f137191f619bfe997c0

  • Size

    14KB

  • Sample

    240120-ybyk9sfdem

  • MD5

    4f7500f33fb648dd2999ef584cd3796b

  • SHA1

    548215a2f852f5c51a6c6a8fe5cc9bfcf1bae2e9

  • SHA256

    89bc5e0b5f8e01b563b98bb1fb845f90b395a53e13f32f137191f619bfe997c0

  • SHA512

    afdf552556aaa02e63e6c47d4fde56fc1c15831ca87d691d519032b1c257ea18d785c9b9281e14052d7bced7821ffc4a4f558be410a613c8023fea8c03c4a271

  • SSDEEP

    192:M3mbPYCfMcrfOIuZmvKQxtzlSIVX6NOt7ejDMN1:zMCfrfQ6tBSIzeUN1

Malware Config

Extracted

  • Family

    metasploit

  • Version

    windows/download_exec

  • C2

    http://ce18-84-231-9-99.ngrok-free.app:80/yfO62wYQ37NRIssrM2PfNOTmVDCkQEDE

  • Attributes

    headers User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; BOIE9;ENAU)

Targets

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

MITRE ATT&CK Enterprise v15

Tasks