General

  • Target

    6fc1e9e7942ba69aa7d4e252919a108e

  • Size

    143KB

  • Sample

    240122-smdscaaaf2

  • MD5

    6fc1e9e7942ba69aa7d4e252919a108e

  • SHA1

    48e3941bdeff80273e474a2a6f0d033d73b4adf5

  • SHA256

    f000dde6db5d6188ba422b51c7908c9fc5fdad74cb1f3a6a24d75711e04595ae

  • SHA512

    1657b72176fda4ffd3dc62cdcf25bd3727a00b48b79863c4707404be94c53678acadee854db73a3ff0ada1bb083234b2c8ff980703a075884d450982976d1905

  • SSDEEP

    3072:eBhx25y6j+oPB4wDYwNqGYdiDQLSLXFgJJHynbaQLLLLLLLL7:6f25DB4RGNw4FgJJo+E

Malware Config

Extracted

  • Family

    metasploit

  • Version

    encoder/call4_dword_xor

Targets

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory