General

  • Target

    ae2c512f485e93e67d8addbad8688890.bin

  • Size

    8.2MB

  • Sample

    240624-drywrazamk

  • MD5

    e2e57d5d11a0c2b10ce29312138d044b

  • SHA1

    84b20bdbeb2be92c9c397a0317052c837d6881ed

  • SHA256

    33286d7918c0f86e4eea209c65e2d55c30b8c2d6ce4c83059ee5c4e07d2469d2

  • SHA512

    e513cab7918b12a4fb0a666d6f603e5992ff2bb4d28a655ecb10fdce862c34afbdc26ff798740bcb3e48715cf278ff97af73acb58dfca0b1c5561d3ad601cf48

  • SSDEEP

    196608:XW5S7dTn8mUuFo18avIH7tZQknBJee4zZdk2T+k/zE/1CnO:kSRT9UuFAAHQknhUPQ/1CnO

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_winhttp

C2

https://103.43.18.230/_-4iC1Ai554cFh0Xek-AugfMDAGzX3T_TPxLGmdPUIvKmkBC9Xu1smNmqYoUDvu-7A6cZl_LyfJKf2TMOqk-__

Targets

    • Target

      2c23ebfdae563e676de0f80ed5277ef022dcf6b8d1a6c612162d182658ba628d.exe

    • Size

      8.5MB

    • MD5

      ae2c512f485e93e67d8addbad8688890

    • SHA1

      375bcec9ad095f039ea8cbb22b558b0a3749c9e8

    • SHA256

      2c23ebfdae563e676de0f80ed5277ef022dcf6b8d1a6c612162d182658ba628d

    • SHA512

      eb8661fac9f83a8f597ac777f82cd082035ca6c540af9e2ab9cff5c4213f5b1ae7eb4d7b174886e14377664e2c17dcd58327dfd9ead241692ad0ffd614a0320e

    • SSDEEP

      196608:lL8uVdZwZKkc5HKu5h44azrnnopUcC8l7qjc9ZFnozOc7FkBv:l7VdZw7cM8yprnbcr7qI9ZrcQ

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
