General

  • Target

    6ce7565819f7a2c972a909fb682d10c4

  • Size

    455KB

  • Sample

    240121-k1hz8aaef7

  • MD5

    6ce7565819f7a2c972a909fb682d10c4

  • SHA1

    b1d92ef99ba396e5f4a530a83e60cbae4feb78a2

  • SHA256

    468b0a8b9e80c8a264b84ce79d851821c51fe7ae1d93fe5a72fa7277e8a482e7

  • SHA512

    40e05230a76a5a9304c79ea5731b1add8426a5a717ffdfcf80d1f0de0063e2cd050e8d4ac4119e7458a2be6dc013197114bbafac12e38b058d2416a4b512f02d

  • SSDEEP

    12288:xNry0Wf2ktXLwk3Ta77Hp0fWAUmBrgV2OvYFyVIoFi:xif2ktMV2OvYFyVIoFi

Malware Config

Extracted

  • Family

    metasploit

  • Version

    windows/download_exec

  • C2

    http://192.168.0.3:1369/u9eI

  • Attributes

    headers User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0)

Targets

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
