General

  • Target

    https-230.exe

  • Size

    8.5MB

  • Sample

    240622-ccn8bssbpb

  • MD5

    ae2c512f485e93e67d8addbad8688890

  • SHA1

    375bcec9ad095f039ea8cbb22b558b0a3749c9e8

  • SHA256

    2c23ebfdae563e676de0f80ed5277ef022dcf6b8d1a6c612162d182658ba628d

  • SHA512

    eb8661fac9f83a8f597ac777f82cd082035ca6c540af9e2ab9cff5c4213f5b1ae7eb4d7b174886e14377664e2c17dcd58327dfd9ead241692ad0ffd614a0320e

  • SSDEEP

    196608:lL8uVdZwZKkc5HKu5h44azrnnopUcC8l7qjc9ZFnozOc7FkBv:l7VdZw7cM8yprnbcr7qI9ZrcQ

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_winhttp

C2

https://103.43.18.230/_-4iC1Ai554cFh0Xek-AugfMDAGzX3T_TPxLGmdPUIvKmkBC9Xu1smNmqYoUDvu-7A6cZl_LyfJKf2TMOqk-__

Targets

    • Target

      https-230.exe

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
