General

  • Target

    81ddf3043df097332e058d843fdad309a54f57d176f9adc7063e7265afe9d74c

  • Size

    72KB

  • Sample

    240704-3pxcksycqc

  • MD5

    2329fa9ddab29de434901d7bc3cd3e59

  • SHA1

    e5a883d275d9f569c2e3597aba31f9b78b565241

  • SHA256

    81ddf3043df097332e058d843fdad309a54f57d176f9adc7063e7265afe9d74c

  • SHA512

    7d9e51169d1a6dcfa02178478333456aebda5ed3f43fddfa3a1ab817666c78956ab32eb74850f8c4ff32b0e979c58a9f5741550c09a5165e9118e267e5f70f04

  • SSDEEP

    1536:IcHHvv0Wq+g126Ffw7pSn1kjUqM6bMb+KR0Nc8QsJq39:N8+g126FoK1kY6be0Nc8QsC9

Malware Config

  • Extracted

    Family: metasploit
    Version: encoder/call4_dword_xor

  • Extracted

    Family: metasploit
    Version: encoder/shikata_ga_nai

  • Extracted

    Family: metasploit
    Version: windows/reverse_tcp
    C2: 172.52.47.194:8386

Targets

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
