General
Target: 138.bin.zip
Size: 6KB
Sample: 201105-b7yl2g9q3a
MD5: 42c09ccd9fd6be5d172f47f64794683c
SHA1: 7c2fdb8f7164b1a6806c20b46ca10854d787bc9f
SHA256: ded9396ddd96b2f3036bb522a032773c4c79370e2e70e6d2adb4dfd537135783
SHA512: 17684f2a8a32edcb0069cdf425047f1f4b291c69be5de9dfcbf875bfacb35eb65f2d103efb567cd6c6dcc09aff7170ef73b6842783e5aac9f0e683dabeaf0e16
Static task: static1
Behavioral task: behavioral1
Sample: 138.bin.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: 138.bin.exe
Resource: win10v20201028
Malware Config
Extracted
metasploit
windows/download_exec
http://69.30.232.138:80/GJRy
- headers User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0; BOIE9;ENUS)
Targets
Target: 138.bin
Size: 14KB
MD5: 46c749df7fd36669abd06ca85b37b604
SHA1: c15fa903d63d5b37f5652f18b134f443c378a2de
SHA256: e60a43e85b8f2a15b364936af9f28a755c8463ef9d0f443b087ca895e2035d0f
SHA512: a24c2ea3500bad79959f067cd9d4a24cbe7e2030832d851fa2dffdf18da8b7e7fdcd7baee34dfe755f2311608e65af400872d0d71ee98fb5826755b7f1938bac
Score: 10/10
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.