General

  • Target

    2cddebf848c6faf4a48152208454f399d1309ea564598226289dd0ffcb78ac12.exe

  • Size

    72KB

  • Sample

    240705-cvkymasfjh

  • MD5

    f3d1406548436009845502e7be068270

  • SHA1

    d06b4aed6e911616c2b742b5025502e4401a59cb

  • SHA256

    2cddebf848c6faf4a48152208454f399d1309ea564598226289dd0ffcb78ac12

  • SHA512

    7c83e75e245e05ae6a08883594e7269e3c61e3ae1b69925bffb476a332eedde14b5dddf952a5903d293138174c635f064844dc19a8bb40ddf1075a7f8b340c3f

  • SSDEEP

    1536:I7pbUkoco140KrHNDetcf9rFMb+KR0Nc8QsJq39:YYkocuKJDetyrFe0Nc8QsC9

Malware Config

Extracted

Family

metasploit

Version

encoder/call4_dword_xor

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

29.54.63.192:12105

Extracted

Family

metasploit

Version

encoder/fnstenv_mov

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Targets

    • Target

      2cddebf848c6faf4a48152208454f399d1309ea564598226289dd0ffcb78ac12.exe

    • Size

      72KB

    • MD5

      f3d1406548436009845502e7be068270

    • SHA1

      d06b4aed6e911616c2b742b5025502e4401a59cb

    • SHA256

      2cddebf848c6faf4a48152208454f399d1309ea564598226289dd0ffcb78ac12

    • SHA512

      7c83e75e245e05ae6a08883594e7269e3c61e3ae1b69925bffb476a332eedde14b5dddf952a5903d293138174c635f064844dc19a8bb40ddf1075a7f8b340c3f

    • SSDEEP

      1536:I7pbUkoco140KrHNDetcf9rFMb+KR0Nc8QsJq39:YYkocuKJDetyrFe0Nc8QsC9

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

MITRE ATT&CK Matrix

Tasks