General

  • Target

    588738dc093f95ff844e0bcb3c5159eec1beb15231bc73f3c0ec1303f95767eb

  • Size

    9KB

  • Sample

    240620-18jvgszdka

  • MD5

    3381580b82ef10423c11f10e7dbc2de0

  • SHA1

    a75b9dc32418a5527b70f686355078086293aad1

  • SHA256

    588738dc093f95ff844e0bcb3c5159eec1beb15231bc73f3c0ec1303f95767eb

  • SHA512

    e9aa1bc6c359d81e3bfffb7e9b08887fc4f7f4c04be26455865ee564eeac9e290300e75049653eed9b7c7f9263c54864f798a88de13a6189f26e7fe48e101cb9

  • SSDEEP

    48:q0kV3zU9G4aNVh7XphlhEF57/ncGGTJonbOE:vDIKkbJo

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

127.0.0.1:4444

Targets

    • Target

      588738dc093f95ff844e0bcb3c5159eec1beb15231bc73f3c0ec1303f95767eb

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Suspicious use of SetThreadContext
