General

  • Target

    3051fb6123ae6e4925f73f73af56eb6b66c115e509f2a18c6546e9f137aa77b6

  • Size

    14KB

  • Sample

    240619-w431cawcng

  • MD5

    8c2c51382597403451a6e6bc424b9d3e

  • SHA1

    2c155761ca9fd51e592e58f942a2aa5259fcc554

  • SHA256

    3051fb6123ae6e4925f73f73af56eb6b66c115e509f2a18c6546e9f137aa77b6

  • SHA512

    aea3a6371a70605963ad13952134420329c76b79c0069b6c806a69e05e05d7a053cc69327046ba67d08e7e0a8158d9aad3d5d4fb5304083b88f43c128402cf76

  • SSDEEP

    192:43mbPYCfMcrfOIuZmvKQxtzlSIVX6NOlE6CejDMN1:3MCfrfQ6tBSIE6CeUN1

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://139.180.159.78:40000/qGNV

Attributes
  • headers User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0; MAM2)

Targets

    • Target

      3051fb6123ae6e4925f73f73af56eb6b66c115e509f2a18c6546e9f137aa77b6

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
