General

  • Target

    9646bd2aea6e22e3bf9f76088aa4721a79cc19954e644c4d09e5b46ad70f0b9e

  • Size

    14KB

  • Sample

    240406-zr9h5sbf33

  • MD5

    c927a7b90aa70fd1a7481efd63981b0d

  • SHA1

    72da29b027c9e2b6b95f573845ac010b83ee123f

  • SHA256

    9646bd2aea6e22e3bf9f76088aa4721a79cc19954e644c4d09e5b46ad70f0b9e

  • SHA512

    cec3cf62212d50780acab78998fa852801387a92c845b0d3094f9ae653e5db250bc3b681cc64722d877b75a035ffa7720a0862c1e53fdede99afca4e9d99f550

  • SSDEEP

    192:23mbPYCfMcrfOIuZmvKQxtzlSIVX6NO2DRS8ejDMN1:VMCfrfQ6tBSI8R/eUN1

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://172.24.198.92:8080/QkXH

Attributes
  • headers User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0)

Targets

    • Target

      9646bd2aea6e22e3bf9f76088aa4721a79cc19954e644c4d09e5b46ad70f0b9e

    • Size

      14KB

    • MD5

      c927a7b90aa70fd1a7481efd63981b0d

    • SHA1

      72da29b027c9e2b6b95f573845ac010b83ee123f

    • SHA256

      9646bd2aea6e22e3bf9f76088aa4721a79cc19954e644c4d09e5b46ad70f0b9e

    • SHA512

      cec3cf62212d50780acab78998fa852801387a92c845b0d3094f9ae653e5db250bc3b681cc64722d877b75a035ffa7720a0862c1e53fdede99afca4e9d99f550

    • SSDEEP

      192:23mbPYCfMcrfOIuZmvKQxtzlSIVX6NO2DRS8ejDMN1:VMCfrfQ6tBSI8R/eUN1

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

MITRE ATT&CK Matrix

Tasks