General

  • Target

    Setup.exe

  • Size

    72KB

  • Sample

    240406-nw17sahe5y

  • MD5

    f4adfaff12d16a6360d117b6e4c07083

  • SHA1

    2e5a8b99028dfb411b8de532567e1966daaf04a8

  • SHA256

    490be8583d9dea6e3f15cce7aafb6c0be9ea9427e0ebfdf55bf5b5b906998569

  • SHA512

    ac3cd22bc9a344635478c8a8d7dde01e445e53181a548c0ad72128123b6f94495cf42e6562479baa14c231a39a02590058f5f327937b3364dbc35284cb228f60

  • SSDEEP

    1536:I42E2uxUxwhoMn3FreIMdqbB5Dqj22+xui+Lghj9FMb+KR0Nc8QsJq39:R2E2uxUxwSMVr8EB14N+xL+Uhve0Nc84

Malware Config

Extracted

  • Family

    metasploit

  • Version

    windows/reverse_tcp

  • C2

    193.117.208.148:7800

Targets

    • Target

      Setup.exe

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
