General
Static task: static1
URLScan task: urlscan1
Malware Config
Extracted
Family: metasploit
Version: metasploit_stager
C2: 198.13.46.131:8989
Targets
-
-
Gh0st RAT payload
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Stops running service(s)
-
Executes dropped EXE
-