General

  • Target

    482aad5f77deb08475f615b013c5beda7758950bcfce744f79cda579a6f23289

  • Size

    14KB

  • Sample

    240619-lf4xmaxgpd

  • MD5

    40515bef0a8d3c2773f789d4f4bc81e1

  • SHA1

    3a09acda9644035c0cac9efc1dfeab976a55a69c

  • SHA256

    482aad5f77deb08475f615b013c5beda7758950bcfce744f79cda579a6f23289

  • SHA512

    8aac162b415ba3d0e67dbcff9572284345fba7c97875336447f2c2add3db44f98d48e52f6bd727feb782c95b9c84c90ba4ea14c95e3e3be1d5ae193be93aa3b9

  • SSDEEP

    192:K3mbPYCfMcrfOIuZmvKQxtzlSIVX6NOfejDMN1:hMCfrfQ6tBSIBeUN1

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://10.2.21.128:8448/Wma7

Attributes
  • headers User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; InfoPath.2)

Targets

    • Target

      482aad5f77deb08475f615b013c5beda7758950bcfce744f79cda579a6f23289

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
