General

  • Target

    d2891faf9f09b399bce93598d313f8923be697234f2da85ce077e4bd5cbaa09f

  • Size

    113KB

  • Sample

    241031-k1s57awrck

  • MD5

    4c932e02a0da04ae05d58630033c6ed4

  • SHA1

    f8c140b5840fffba243b96ca689b3e91bd8e0071

  • SHA256

    d2891faf9f09b399bce93598d313f8923be697234f2da85ce077e4bd5cbaa09f

  • SHA512

    7d3c652304d7f037e98621fb8ecff5ad6e7d1d61e82cf2a08706dad38f9e007dc886c9e30b73d0179977e0d1fcf3b1c6c12df728b621a454aad1fe735c4c9bfc

  • SSDEEP

    3072:zMRCckNf1rMCp2fqfCtZETu6LbfVDnapANAwfwQQQt:zMfkNf5MCMfmCXETwAiwV

Malware Config

Extracted

  • Family

    metasploit

  • Version

    windows/reverse_tcp

  • C2

    192.168.91.128:2316
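The three extracted values above (family metasploit, payload windows/reverse_tcp, C2 192.168.91.128:2316) are recoverable statically because the msfvenom x86 reverse_tcp stager builds its sockaddr_in from two immediate pushes: `push <ip>` (68 II II II II) followed by `push <AF_INET|port>` (68 02 00 PP PP). The Python below, added here as an illustration and not part of the sandbox report or of any vendor's extractor, scans a blob for that literal and decodes the IP and port; the x64 pattern (`mov r14, imm64`, 49 BE 02 00 PP PP II II II II) is included as an assumption about the x64 stager layout, and the test bytes are constructed, not taken from the sample. It also flags that 192.168.91.128 is an RFC 1918 address, which is worth noting in triage: the C2 points at a lab or VM network, not Internet infrastructure.

```python
import ipaddress
import re
import struct

# x86 windows/reverse_tcp stager: the sockaddr_in is built with two immediate
# pushes right before "mov esi, esp":
#   push <ip>              -> 68 II II II II   (bytes land in network order)
#   push <AF_INET | port>  -> 68 02 00 PP PP   (sin_family = 2, sin_port big-endian)
X86_SOCKADDR = re.compile(rb"\x68(?P<ip>.{4})\x68\x02\x00(?P<port>.{2})", re.DOTALL)

# x64 stager: whole sockaddr_in loaded with one "mov r14, imm64" (49 BE ...).
# This layout is an assumption; the report above concerns the x86 stager.
X64_SOCKADDR = re.compile(rb"\x49\xbe\x02\x00(?P<port>.{2})(?P<ip>.{4})", re.DOTALL)


def extract_reverse_tcp(blob: bytes) -> list:
    """Return every plausible reverse_tcp C2 literal found in ``blob``."""
    hits = []
    for arch, pattern in (("x86", X86_SOCKADDR), ("x64", X64_SOCKADDR)):
        for m in pattern.finditer(blob):
            port = struct.unpack(">H", m.group("port"))[0]
            addr = ipaddress.IPv4Address(m.group("ip"))
            # Port 0 or 0.0.0.0 cannot be a real listener: treat as a chance byte match.
            if port == 0 or addr == ipaddress.IPv4Address("0.0.0.0"):
                continue
            hits.append({
                "arch": arch,
                "offset": m.start(),
                "c2": f"{addr}:{port}",
                # RFC 1918 / loopback C2 means a lab or VM network, not Internet infra.
                "private": addr.is_private,
            })
    return hits


def extract_from_file(path: str) -> list:
    """Scan a file on disk (e.g. the raw msfvenom output or a dumped payload)."""
    with open(path, "rb") as fh:
        return extract_reverse_tcp(fh.read())


# Constructed test input (not bytes from the reported sample): the x86
# sockaddr_in literal for 192.168.91.128:2316 between two real stager opcodes.
CONSTRUCTED_X86 = (
    b"\x6a\x0a"                                    # push 10 (retry counter)
    + b"\x68" + bytes([192, 168, 91, 128])         # push host, bytes in network order
    + b"\x68\x02\x00" + (2316).to_bytes(2, "big")  # push AF_INET | htons(2316)
    + b"\x89\xe6"                                  # mov esi, esp
)

if __name__ == "__main__":
    import sys
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else CONSTRUCTED_X86
    for hit in extract_reverse_tcp(blob):
        print(hit)
```

Run it against the raw payload to confirm the sandbox's extraction; a hit whose `private` flag is set should lower the priority of the C2 as a blocking indicator while leaving the file verdict unchanged.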

Targets

    • Target

      d2891faf9f09b399bce93598d313f8923be697234f2da85ce077e4bd5cbaa09f

    • Size

      113KB

    • MD5

      4c932e02a0da04ae05d58630033c6ed4

    • SHA1

      f8c140b5840fffba243b96ca689b3e91bd8e0071

    • SHA256

      d2891faf9f09b399bce93598d313f8923be697234f2da85ce077e4bd5cbaa09f

    • SHA512

      7d3c652304d7f037e98621fb8ecff5ad6e7d1d61e82cf2a08706dad38f9e007dc886c9e30b73d0179977e0d1fcf3b1c6c12df728b621a454aad1fe735c4c9bfc

    • SSDEEP

      3072:zMRCckNf1rMCp2fqfCtZETu6LbfVDnapANAwfwQQQt:zMfkNf5MCMfmCXETwAiwV

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Metasploit family

MITRE ATT&CK Enterprise v15

Tasks