General

  • Target

    24e522868c15b22d680f1e75cd958ba647165b7533ab0c3b942d2a9055469f48

  • Size

    11KB

  • Sample

    241206-sja72syqfr

  • MD5

    8e20d083a4a4eed3444349d30a2fd048

  • SHA1

    62fc840e2d818b2857b2cc235977323661bfb597

  • SHA256

    24e522868c15b22d680f1e75cd958ba647165b7533ab0c3b942d2a9055469f48

  • SHA512

    5ad178d3d64d5f7452e66718bf6b8f2023b5ccd3812e06b9f6cd5b2b33690ba97985af9ab7a9d48a609466d84c80ea4f45260df76ef10519c38d53a58bc4bf78

  • SSDEEP

    192:nTXTpvJX5/JNEI8zVSrVEWY0p87Retp+gV7E5pz6fMK40:TRJ9T8ZSrVEn0p8detks73

Malware Config

Extracted

  • Family

    metasploit

  • Version

    encoder/shikata_ga_nai

Extracted

  • Family

    metasploit

  • Version

    windows/reverse_tcp

  • C2

    192.168.196.144:10010

Targets

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Metasploit family
