metasploit | c7f9ab90ea73406eb3d80450dd8faaebcd505b105a9c5ebe86dc465afe7ba474 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c7f9ab90ea73406eb3d80450dd8faaebcd505b105a9c5ebe86dc465afe7ba474
Size

2.1MB
Sample

241112-sbgpvstngs
MD5

93eff795b9579ea548ef7db6bfe8f1ce
SHA1

c3c878e451267ab5fb234dc0997c0d0e4078f2c0
SHA256

c7f9ab90ea73406eb3d80450dd8faaebcd505b105a9c5ebe86dc465afe7ba474
SHA512

bb015a5f4175d1e418ab7f7eb342def7b7b4313f5ea694ce5e7c5851b2e60e6b2718fa63b2f6667bc55d6271a5974c97f1805e0e1b459cb480120e83bf6f8af2
SSDEEP

24576:UZWVf/5HbDcNRpgauFOMwY8ZAGmaUvUFDxK4dYwRxTszoKpiYzxiCRVTbCvpZ/Yj:OzugM1aP5dGjzoCaYD1PU+s/e

Score

10^/10

metasploit discovery

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://192.168.137.133:666/VSlG

Attributes

headers User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; BTRS125526)

Targets

- Target
  
  c7f9ab90ea73406eb3d80450dd8faaebcd505b105a9c5ebe86dc465afe7ba474
- Size
  
  2.1MB
- MD5
  
  93eff795b9579ea548ef7db6bfe8f1ce
- SHA1
  
  c3c878e451267ab5fb234dc0997c0d0e4078f2c0
- SHA256
  
  c7f9ab90ea73406eb3d80450dd8faaebcd505b105a9c5ebe86dc465afe7ba474
- SHA512
  
  bb015a5f4175d1e418ab7f7eb342def7b7b4313f5ea694ce5e7c5851b2e60e6b2718fa63b2f6667bc55d6271a5974c97f1805e0e1b459cb480120e83bf6f8af2
- SSDEEP
  
  24576:UZWVf/5HbDcNRpgauFOMwY8ZAGmaUvUFDxK4dYwRxTszoKpiYzxiCRVTbCvpZ/Yj:OzugM1aP5dGjzoCaYD1PU+s/e
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2