General

  • Target

    711673026e077af028d05493940e3fa5c85b52235191136a8446a57d11160a66

  • Size

    14KB

  • Sample

    240722-l8kz8a1hng

  • MD5

    a25269aa5ca8d68e09f69d410cf233bd

  • SHA1

    967795911e76d8805dd0730bbcf5517ab744eb32

  • SHA256

    711673026e077af028d05493940e3fa5c85b52235191136a8446a57d11160a66

  • SHA512

    c08a076a04711e9ffdb7d202e49c7ea3ff7d938778a6e0dd89c685921173dbd530a7c4d8ee4177506bddec4f641502ee3c93b479b38ac2362eb61f6dec6c1515

  • SSDEEP

    192:o3mbPYCfMcrfOIuZmvKQxtzlSIVX6NOv1wW6ejDMN1:HMCfrfQ6tBSI51/6eUN1

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://10.66.112.11:80/PqTG

Attributes

  • headers User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)

Targets

    • Target

      711673026e077af028d05493940e3fa5c85b52235191136a8446a57d11160a66

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
