General

  • Target

    59f6c14b6ff1002d9e7ec41821f020bf57aa396087852f9a0a0a410641b5c0dbN

  • Size

    72KB

  • Sample

    241030-rw4jpavgnd

  • MD5

    78f0efdea32326ba08366d83408f5fc0

  • SHA1

    1ac1b5ccc14862e9801f5ce33fd1e8a3042c120f

  • SHA256

    59f6c14b6ff1002d9e7ec41821f020bf57aa396087852f9a0a0a410641b5c0db

  • SHA512

    ba8b3e28b50416ae65baaad07d2579f4b54932c744e12b5f5b1cb93a42090117e38585f62bcb1f07723a623ea1e7b48bbd7fbb5f4cdc5b6cfdf94763fcd63783

  • SSDEEP

    1536:IYnGNucjDnql2XyRv5hVTMvu+MMqpPHYMb+KR0Nc8QsJq39:Ejel2CBBTDF51HYe0Nc8QsC9

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/reverse_http

C2

http://147.185.221.23:37463/O8TEv2Hg07HycvNzlW8EeAg9Sc7tqWnNsU_HaJ84UV5cdmDXAUsLI0ZT8h118lFP5hd6YSG5staM5LRWG2oh2ntJrFvf3-0sJflGm0cJVNAaz7-x1jT-wvf5G4CemTOyMG2J2xgymN_w2tbsimDPVsJV0QEKssaqDFoiEFLcaVvfaiPC7V1bwrbhIFYhlzjk8-oG

Targets

    • Target

      59f6c14b6ff1002d9e7ec41821f020bf57aa396087852f9a0a0a410641b5c0dbN

    • Size

      72KB

    • MD5

      78f0efdea32326ba08366d83408f5fc0

    • SHA1

      1ac1b5ccc14862e9801f5ce33fd1e8a3042c120f

    • SHA256

      59f6c14b6ff1002d9e7ec41821f020bf57aa396087852f9a0a0a410641b5c0db

    • SHA512

      ba8b3e28b50416ae65baaad07d2579f4b54932c744e12b5f5b1cb93a42090117e38585f62bcb1f07723a623ea1e7b48bbd7fbb5f4cdc5b6cfdf94763fcd63783

    • SSDEEP

      1536:IYnGNucjDnql2XyRv5hVTMvu+MMqpPHYMb+KR0Nc8QsJq39:Ejel2CBBTDF51HYe0Nc8QsC9

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Metasploit family

MITRE ATT&CK Enterprise v15

Tasks