General

  • Target

    b78c25f98d49fb5c64ffe4ffd00ce1e57963212ecea4cab2757aba896da0b7bcN.exe

  • Size

    29KB

  • Sample

    241129-tzremsvqhw

  • MD5

    96333d539e1d60f9bbe7139ad8838bf0

  • SHA1

    f2babb2f8bc993aa8febc828444808bdc196cbef

  • SHA256

    b78c25f98d49fb5c64ffe4ffd00ce1e57963212ecea4cab2757aba896da0b7bc

  • SHA512

    04abe15b348c4df8215835699077b1687122aeca9f7bc9bf6e843fd65649779e8df4d96213b42048e7e358db462f34d380ae2b8399b0ed2ffff5ed2b23e2e3eb

  • SSDEEP

    768:tbnJTFruOS0EC3VIXjDg+OG8V8ZCl19qutrm479Wqyml:tryx0E4GXjDgu8VACl19qQXyml

Malware Config

  • Extracted

    Family: metasploit
    Version: encoder/call4_dword_xor

  • Extracted

    Family: metasploit
    Version: windows/shell_reverse_tcp
    C2: 192.168.1.66:54322

Targets

    • Target

      b78c25f98d49fb5c64ffe4ffd00ce1e57963212ecea4cab2757aba896da0b7bcN.exe

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Metasploit family
