General

  • Target: 6f44fad1f1d0736dd02e25d82698e320
  • Size: 37KB
  • Sample: 240122-k2p5xsdbd6
  • MD5: 6f44fad1f1d0736dd02e25d82698e320
  • SHA1: 7a77eb31fa6f86d0e9fa48674a4ae7f4a347b8be
  • SHA256: 3257b523fad1506f8d6c80214f18063fba891c3a94e2f25a691c1c0f13a43631
  • SHA512: 44a8f185d9e3871471f3cf4df0a71579190044b7f472a00771e41048b41680ac376e11d89bd91dcecfe6e6d3e5f6e5fb913502a1f0976e9de3ba192894b185a3
  • SSDEEP: 768:U6ODJZSuAZbeJFqa6BSRPuYWpWw7SJ+InwJ11Th5eB8WKCjZDoIp:UPDDSTqJwaqSFWIwxIQTh5eqNCjNoI

Malware Config

Extracted

  • Family: metasploit
  • Version: encoder/call4_dword_xor

Targets

    • MetaSploit: Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
    • Deletes itself
    • Executes dropped EXE
    • Drops file in System32 directory
