General

  • Target

    54ae6de793ea27b730cba101d0b439b3ce582ed03df8a506596201a994dadaa3

  • Size

    72KB

  • Sample

    240419-1jfrjagc67

  • MD5

    5569f87f472db1a5814837cef6c7c599

  • SHA1

    c70b67409f1baa8c6c1cb033d09241adc4c39682

  • SHA256

    54ae6de793ea27b730cba101d0b439b3ce582ed03df8a506596201a994dadaa3

  • SHA512

    c290c6c52d9bba24dd8bb898575d3da39b3a7a91fe06a61117bbedb6efb069719b0d112ce2d2192e69d3ac774d8b26d84e00a11fc22bf672a84344261b644c10

  • SSDEEP

    1536:I+W9X10QF16v2k6SYKbAl0QjZAaPCqmMHMb+KR0Nc8QsJq39:NWP0cY6S1Xvye0Nc8QsC9

Malware Config

Extracted

Family

metasploit

Version

encoder/call4_dword_xor

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

171.47.120.158:16770

Targets

    • Target

      54ae6de793ea27b730cba101d0b439b3ce582ed03df8a506596201a994dadaa3

    • Size

      72KB

    • MD5

      5569f87f472db1a5814837cef6c7c599

    • SHA1

      c70b67409f1baa8c6c1cb033d09241adc4c39682

    • SHA256

      54ae6de793ea27b730cba101d0b439b3ce582ed03df8a506596201a994dadaa3

    • SHA512

      c290c6c52d9bba24dd8bb898575d3da39b3a7a91fe06a61117bbedb6efb069719b0d112ce2d2192e69d3ac774d8b26d84e00a11fc22bf672a84344261b644c10

    • SSDEEP

      1536:I+W9X10QF16v2k6SYKbAl0QjZAaPCqmMHMb+KR0Nc8QsJq39:NWP0cY6S1Xvye0Nc8QsC9

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

MITRE ATT&CK Matrix

Tasks