General

  • Target

    e774cbb458e50e28c8b731ed8930af837d5bf7149bd382279655ffeca263f85bN

  • Size

    4KB

  • Sample

    241108-xl8zbaznek

  • MD5

    42d170e4fc71feaccbe9984afcc380f0

  • SHA1

    240c5b5fa4cddc97f950035048ff81929629a8d9

  • SHA256

    e774cbb458e50e28c8b731ed8930af837d5bf7149bd382279655ffeca263f85b

  • SHA512

    2524736c58fe8cf0d9904926f8cf90336d46aec870aca5b23334bb6649bc4c4eaa19ea66c2bdb77f302eb0874a27abe107a2f20dfa410cc4aca4581e86d0bdcf

  • SSDEEP

    96:f1Yp+ComTZzltKWJD4p+1BcCJL61MFtjCoZCR4323TGotE:GomjRbxLkMFZZW432jttE

Malware Config

  • Extracted

    Family: metasploit

    Version: encoder/shikata_ga_nai

  • Extracted

    Family: metasploit

    Version: windows/reverse_http

    C2: http://38.55.233.200:53191/DGvxWpZp/G-xM-5AHeZ_TKNIptAAjigBUCPswQRKsJP_vPEBgkHMXSAlixyViFWd1Z__lHwZcEyVSThyTLWb1HC37eQT58QtYonBUZV2FH7d4gmdlK_w9NjRrk6GVIbPd-TEY2dIPLk

Targets

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Metasploit family

    • Downloads MZ/PE file

MITRE ATT&CK Enterprise v15

Tasks