General

  • Target

    fac66113c97d3d2dbcd55e1da9f87b57ccc2ec4d18355f33a8c909b7bfa4e3dc

  • Size

    7.5MB

  • Sample

    240330-n5xwqaed6x

  • MD5

    820684420dcd1109741e2963c4148975

  • SHA1

    d73ca10f929b22046b097382477e981c6b12da59

  • SHA256

    fac66113c97d3d2dbcd55e1da9f87b57ccc2ec4d18355f33a8c909b7bfa4e3dc

  • SHA512

    8fc9dac9ac0146543acddb822f6d91d7d009904389c421eb888be8d1294d504f7319a1811ca2e1129b3f71d4a8994ab0894074c5f7c501cf1244bc9ac118b9de

  • SSDEEP

    196608:owMxI0YvAf7yWsE8gUDjlXOw80OnC84fr9GG/oqub:n4zyWsnDFOwEnu/oXb

Malware Config

Extracted

  • Family

    metasploit

  • Version

    windows/reverse_tcp

  • C2

    154.92.15.249:9612

Targets

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Suspicious use of NtSetInformationThreadHideFromDebugger

MITRE ATT&CK Matrix

Tasks