Resubmissions

24-06-2024 02:10

240624-cl1mqavcpg 10

24-06-2024 01:48

240624-b78d1stgjd 10

General

  • Target

    evil.pdf

  • Size

    144KB

  • Sample

    240624-b78d1stgjd

  • MD5

    894da0f85f06457707ce5c0707d1987d

  • SHA1

    a76ef4c01108f9faa7e1bcaa32a95a57b3cfa638

  • SHA256

    44511535438002e9fedf7203018067e3c806e38d9dfffcdbb0e1dd540d97549f

  • SHA512

    d42578a77ee8f67bcb3de028ecb5cfa4ff9e92aebf4e428a39b1e3dbcb8faf6cd56e5fd8d783a7619e4d6b0865ce86a329e0e1c55bd1dd3b614c30e1c276e7d5

  • SSDEEP

    3072:aiuKqbFks+DtTE+8kGuBz8YtXbSsR/8Wp13zgLNZHjV+4kI7wS:tw4tnGIz8ib9xv18PHjVX7wS

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://tmpfiles.org:443/dl/8526939/putty.exe

Targets

    • Target

      evil.pdf

    • Size

      144KB

    • MD5

      894da0f85f06457707ce5c0707d1987d

    • SHA1

      a76ef4c01108f9faa7e1bcaa32a95a57b3cfa638

    • SHA256

      44511535438002e9fedf7203018067e3c806e38d9dfffcdbb0e1dd540d97549f

    • SHA512

      d42578a77ee8f67bcb3de028ecb5cfa4ff9e92aebf4e428a39b1e3dbcb8faf6cd56e5fd8d783a7619e4d6b0865ce86a329e0e1c55bd1dd3b614c30e1c276e7d5

    • SSDEEP

      3072:aiuKqbFks+DtTE+8kGuBz8YtXbSsR/8Wp13zgLNZHjV+4kI7wS:tw4tnGIz8ib9xv18PHjVX7wS

    Score

    1/10

    • Target

      Spreading.pdf

    • Size

      72KB

    • MD5

      eb06ebfad5763ebc700956f5e6ef230d

    • SHA1

      4a6eed80e82857fa2754a2ff3a9fc9cd522e04e1

    • SHA256

      1560f95551d3a9983019bf161d0cf7dc949b5a4e1bf6878a6bae52ed4efec9f4

    • SHA512

      1c22eede3f2c151ed1382934777d408142e0b164fcff12fb70e833879420d9b75af8fc80805412d55908ae559ad49f7a548954fd4c3479dc36af386a1db27e96

    • SSDEEP

      1536:IDjh5VoZlpCniXhADfhYuSxXMb+KR0Nc8QsJq39:yTW709DfWuSxXe0Nc8QsC9

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

MITRE ATT&CK Enterprise v15

Tasks