General

  • Target: crmcomedalx64.exe
  • Size: 7KB
  • Sample: 240418-lpjcaaaf7z
  • MD5: eb29c1d3688b840b10a14fdb062df69c
  • SHA1: 3f1357a43665775e20014321ee5e858f9ecb4032
  • SHA256: 0c1a56a5db0a0c1e9b465ff5f1cf7f91e66f402486e7bb36ce4f9c99ff584ea5
  • SHA512: 0a38afe50a79628b44ac0b7e52ba81c856189489fbdaefb9bcbc4bfc78108a42367869750489c213cc7996e0c4cfc6d7b35aa321fa152fe2b39ad0399fba4604
  • SSDEEP: 24:eFGStrJ9u0/6FVFnZd0BQAVkIunxUrXv0CrS5tVOLxSKd9evDIivvvstpmB:is0yF0BQ26Wr/0CrGQL8K/evpvsKB

Malware Config

Extracted
  • Family: metasploit
  • Version: encoder/shikata_ga_nai

Extracted
  • Family: metasploit
  • Version: metasploit_stager
  • C2: 3.84.34.113:443

Targets

    • Target: crmcomedalx64.exe

    • MetaSploit: Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

MITRE ATT&CK Matrix

Tasks