General

  • Target: 6c0154444703160d4160479e4cf3643439c5259ff04c892408752fed64790a0dN
  • Size: 72KB
  • Sample: 240919-142vhatclb
  • MD5: 3dbc62ae13743894c9ac76851dfe6510
  • SHA1: 665dd0e372b5888214c2315899d870dab988a0ca
  • SHA256: 6c0154444703160d4160479e4cf3643439c5259ff04c892408752fed64790a0d
  • SHA512: 827c4c81dc5eacd23308986aea5c3fe7bafdc7823e0ed5fe69fdd1ed4c2a5328151a980d98b746b0bee48594cd247937166eabedad7eb6a602978602c8845bc4
  • SSDEEP: 1536:IXVqHonUrtonGEyNDP+GTWga11+OMb+KR0Nc8QsJq39:yVqH6XnGJWgie0Nc8QsC9

Malware Config

Extracted
  • Family: metasploit
  • Version: encoder/fnstenv_mov

Extracted
  • Family: metasploit
  • Version: windows/reverse_tcp
  • C2: 122.4.211.85:10608

Extracted
  • Family: metasploit
  • Version: encoder/call4_dword_xor

Targets

    • Target: 6c0154444703160d4160479e4cf3643439c5259ff04c892408752fed64790a0dN

    • MetaSploit: Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
