General

  • Target: 1.jar
  • Size: 48KB
  • Sample: 240522-nxb92sea83
  • MD5: 82592ebfde7fe301ee9a3bd14e79ea71
  • SHA1: 07363274a24c63eb10325989cc377435587e8ed5
  • SHA256: 508d6f893f07538458fdf64e07d02789280217efbf7144ddce62aad2bf90cdc2
  • SHA512: a399ce77952bb5e4c11c855c820b1803b9ca663c18f3eb5ed5238875fa710db6924e0b734d98d871c27a23a3bfa7d2ce0c6b8e58643ae6225a28998f29fa440a
  • SSDEEP: 1536:YarSmry9uv651pAW91i0Q3B6bpLx74oxv:YarSJ9uvmsW91i0ecbz74Q

Malware Config

Extracted

  • Family: metasploit
  • Version: windows/reverse_http
  • C2: http://74.48.220.31:8632/DcTIHAkb/1Q9Al5hrrEDE4cXgoQm6Fg0czya0_1TO2gj2SNkyRMJ-nPV-2Q7lwYfx0yo1Em6ftP82BkL9xndf87LveJ-VVrDZ6OgJgN6b-niS5pLy52oQopR7348MLx5xDu2aNijLl-gsz7J9RcbgJnkc8J_5tuTtHXpWJRhnKwdZw9UP7M-qScr-52RnEiK

Targets

    • Target: 1.jar

    • MetaSploit: Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
    • Executes dropped EXE
    • Modifies file permissions

MITRE ATT&CK Matrix (ATT&CK v13)
