General

  • Target

    EvolixGames.pdf

  • Size

    7KB

  • Sample

    240621-jf1tvsvgmp

  • MD5

    9896237a083951b7e48f2304221c306d

  • SHA1

    9687fad25b1aae9ba5dde3c437d31ae7363947a7

  • SHA256

    3165f558520e5dadaa89e260c33770562bd9267f675bb836c09e8a91b37b1388

  • SHA512

    c7eef9aef450af5b27c5bbaa1933f5736ca0f5ccaf9cc5b72eae8184aae17293aef65a3930918ad23cf3731494decb992ad7a5b65e4678de03370f99c64bb1ef

  • SSDEEP

    24:eFGStrJ9u0/6eRZnZdkBQAVFY+B3KPq/GeNDMSCvOXpmB:is0vRpkBQl+B3nGSD9C2kB

Malware Config

Extracted

  • Family

    metasploit

  • Version

    metasploit_stager

  • C2

    10.0.2.15:4444

Targets

    • Target

      EvolixGames.pdf

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

MITRE ATT&CK Matrix (ATT&CK v13)

  • Discovery

    Query Registry, T1012 (1)

    System Information Discovery, T1082 (1)

Tasks