General

  • Target

    https.exe

  • Size

    82KB

  • Sample

    240622-cc88hasbrc

  • MD5

    a1c984415c2aefd5b01be2caac70dca7

  • SHA1

    372feb5ba12779df7360692455cfd6cc28392908

  • SHA256

    c2b8512055bcd2b94f235a56c6add1914d92a2fc78c5cb7c942d3c4496263a68

  • SHA512

    ee5724dba64299d7fa346910d31aa1e9cd3f2fdb80dae77420d2a27b538314a54d4154f687800cec2828cb60167546b1f6e1d47da670d76385bbc83eee359cfe

  • SSDEEP

    1536:ImRlHYhdhL2aVf28d7a28WCywUwSKMb+KR0Nc8QsJq3S7yxsW:hmdhiaVfq28DUKe0Nc8QsCSA

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_winhttp

C2

https://45.76.55.148/_uecRF-rE1mCi4OK52eXyA9-i2584cVh-QxIL

Targets

    • Target

      https.exe

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
