General

  • Target

    a1c984415c2aefd5b01be2caac70dca7.bin

  • Size

    51KB

  • Sample

    240624-drdwkswbrg

  • MD5

    b28fed764de776f2f7b56b69d930188a

  • SHA1

    a4adb24c04b48a0cbbc0ecfeaf14f632ff8a8408

  • SHA256

    003aa0c58c3a6c3ff72c169d97a49b785a30ec68cab86e4e198f34fd3c41d152

  • SHA512

    11c7eca12c8c81f3b458d073d718ca23f987ab56187a92aaa92754614e30d45036d2d9168b9f2bf8b68e88e920be17738a439fd59b33ebb88589e09d532a806d

  • SSDEEP

    768:RW8W+AeG42YTP4Wl/EM5iI5N7JGghzoaCNQZVlNhED7SQiCAL6znBGWtzuaGbrv+:ztZGKyM5iI5rjtkD7AdLMnBJzlGmxd/P

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_winhttp

C2

https://45.76.55.148/_uecRF-rE1mCi4OK52eXyA9-i2584cVh-QxIL

Targets

    • Target

      c2b8512055bcd2b94f235a56c6add1914d92a2fc78c5cb7c942d3c4496263a68.exe

    • Size

      82KB

    • MD5

      a1c984415c2aefd5b01be2caac70dca7

    • SHA1

      372feb5ba12779df7360692455cfd6cc28392908

    • SHA256

      c2b8512055bcd2b94f235a56c6add1914d92a2fc78c5cb7c942d3c4496263a68

    • SHA512

      ee5724dba64299d7fa346910d31aa1e9cd3f2fdb80dae77420d2a27b538314a54d4154f687800cec2828cb60167546b1f6e1d47da670d76385bbc83eee359cfe

    • SSDEEP

      1536:ImRlHYhdhL2aVf28d7a28WCywUwSKMb+KR0Nc8QsJq3S7yxsW:hmdhiaVfq28DUKe0Nc8QsCSA

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
