General

  • Target

    2b3a01aa0817f8f5d5ac31992c2c6e0939740cc0be973b8ff24f7d4d03427d48

  • Size

    72KB

  • Sample

    240623-ytpfbatepk

  • MD5

    9e6d5fa171b67d1aae21ab41b5d25333

  • SHA1

    8384407666a3d1201319a9b072f6238c63c20d42

  • SHA256

    2b3a01aa0817f8f5d5ac31992c2c6e0939740cc0be973b8ff24f7d4d03427d48

  • SHA512

    31908ec5c50e454823f5ab00f79569f4fd9864ac720054f02cb0e879a951059ed2d8adc9fb8e314ecb217cb9963739e4e136f358e6732b31d7cb51208ddb393f

  • SSDEEP

    1536:IYx6R0YJqDKyOHoR3ck34Xu2sX1I6eMb+KR0Nc8QsJq39:nYJqDoHox6suxe0Nc8QsC9

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

192.168.5.135:4444

Targets

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
