General

  • Target

    0458a6b002fbf48e9095417f2aba472638f4f7606963415e103df81888392bee

  • Size

    14KB

  • Sample

    240406-l3zlesge32

  • MD5

    adc59f9253980fb6d700e115cbc6bd30

  • SHA1

    961c5bf7d3ee0672051eb97b40dc14f2231a0e6d

  • SHA256

    0458a6b002fbf48e9095417f2aba472638f4f7606963415e103df81888392bee

  • SHA512

    8dd34dbb9dc0f930df7b62e82fb8b02d2ec314b0813522e6da70ef751d5c1010c57ccafcfe9ae239d314a3732f38355b7da041e90e0dd14a1673a33808f0fb10

  • SSDEEP

    192:u3mbPYCfMcrfOIuZmvKQxtzlSIVX6NOEvrTejDMN1:tMCfrfQ6tBSISvrTeUN1

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://192.168.227.128:82/VAsR

Attributes
  • headers User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; QQDownload 733; .NET CLR 2.0.50727)

Targets

    • Target

      0458a6b002fbf48e9095417f2aba472638f4f7606963415e103df81888392bee

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
