metasploit | c9908ca1cfaa82c1e2fb2f4f726fee6dae6760e827b0a9807457b3a69fc2c9df | Triage

Sharing

Copy URL Twitter E-mail

General

Target

359d8900338721503e21e2ed85abd020N.exe
Size

250KB
Sample

240823-1nfx4aydqh
MD5

359d8900338721503e21e2ed85abd020
SHA1

ab6c027b3669ff34958dad3a55dd11a173db70a8
SHA256

c9908ca1cfaa82c1e2fb2f4f726fee6dae6760e827b0a9807457b3a69fc2c9df
SHA512

5601df390663801cc466fb856f00d8fa2f0ca98833b2ff373f11c7dc929c5608b7ad70c3e1076e82c5118de356d9b2d0d499fa9e0f6546d7720888ddfb7b5968
SSDEEP

3072:DPrH1kXYP/Ellg/HLyt+1yzzk0BGqtDpsd1kwvFpuobFGoY46ehlb53yWlAVb0aq:Dr4oMll4a+4zzk0rpscoh5gBR0

Score

10^/10

metasploit

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://154.204.60.102:81/jquery-3.3.1.min.js

Attributes

headers Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Host: freehish.xyz Referer: http://www.baidu.com/ Accept-Encoding: gzip, deflate User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/5.0)

Targets

- Target
  
  359d8900338721503e21e2ed85abd020N.exe
- Size
  
  250KB
- MD5
  
  359d8900338721503e21e2ed85abd020
- SHA1
  
  ab6c027b3669ff34958dad3a55dd11a173db70a8
- SHA256
  
  c9908ca1cfaa82c1e2fb2f4f726fee6dae6760e827b0a9807457b3a69fc2c9df
- SHA512
  
  5601df390663801cc466fb856f00d8fa2f0ca98833b2ff373f11c7dc929c5608b7ad70c3e1076e82c5118de356d9b2d0d499fa9e0f6546d7720888ddfb7b5968
- SSDEEP
  
  3072:DPrH1kXYP/Ellg/HLyt+1yzzk0BGqtDpsd1kwvFpuobFGoY46ehlb53yWlAVb0aq:Dr4oMll4a+4zzk0rpscoh5gBR0
Score

1^/10
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2