General

  • Target

    shellmsf.exe

  • Size

    7KB

  • Sample

    240406-nvcssshd9t

  • MD5

    843295951945e181eedf2ce56b561c98

  • SHA1

    fcb49784d73004d2973eed8a862a493bf9e5ba68

  • SHA256

    0a21b54b1275cb884bfb481bc6345a731487db2ef548fa9ea3cfc59bf7f16290

  • SHA512

    1a0f4405b74a259c700888f4adbf6701a82be5d351bd6725b98ac31366b8c21c4b24ec89ce07515a9a365011bf673c8758157b564f1ee5339ef52390154bc668

  • SSDEEP

    24:eFGStrJ9u0/60vxnZdkBQAVRk+BxKLqZeNDMSCvOXpmB:is0xvBkBQN+Bx5SD9C2kB

Malware Config

Extracted

Family

metasploit

Version

metasploit_stager

C2

192.168.49.107:6333

Targets

    • Target

      shellmsf.exe

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
