metasploit | 24ee2e131a8f629993aea80937c42828588d7ddd1c5fbe154dcfdfd858e9a9fe | Triage

Sharing

General

Target

24ee2e131a8f629993aea80937c42828588d7ddd1c5fbe154dcfdfd858e9a9fe
Size

3.1MB
Sample

241122-gwvlns1pgm
MD5

0fb37e10f40505208ce0044b22de0d67
SHA1

51016a5986141234b021d550d8e29748f406db73
SHA256

24ee2e131a8f629993aea80937c42828588d7ddd1c5fbe154dcfdfd858e9a9fe
SHA512

4fb72f354c69a9a13a3c8dd7d39cf3ca2939c594412ccca611982df3521929272184050d9c5adc34845b4b04b9de9a85fd84100a26238f676cbad80563023394
SSDEEP

49152:H2Ppun36K995p9oHI36C3YD1gFdPQpy9UTp9k1e2VQyVX:WPp+36CHoo9Pr6p98e2

Score

10^/10

metasploit discovery

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://192.168.137.133:666/VSlG

Attributes

headers User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; BTRS125526)

Targets

- Target
  
  24ee2e131a8f629993aea80937c42828588d7ddd1c5fbe154dcfdfd858e9a9fe
- Size
  
  3.1MB
- MD5
  
  0fb37e10f40505208ce0044b22de0d67
- SHA1
  
  51016a5986141234b021d550d8e29748f406db73
- SHA256
  
  24ee2e131a8f629993aea80937c42828588d7ddd1c5fbe154dcfdfd858e9a9fe
- SHA512
  
  4fb72f354c69a9a13a3c8dd7d39cf3ca2939c594412ccca611982df3521929272184050d9c5adc34845b4b04b9de9a85fd84100a26238f676cbad80563023394
- SSDEEP
  
  49152:H2Ppun36K995p9oHI36C3YD1gFdPQpy9UTp9k1e2VQyVX:WPp+36CHoo9Pr6p98e2
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2