General
-
Target
https://evropa2.club/
-
Sample
201111-4parwfx7fs
Score
10/10
Static task
static1
URLScan task
urlscan1
Sample
https://evropa2.club/
Behavioral task
behavioral1
Sample
https://evropa2.club/
Resource
win7v20201028
windows7_x64
0 signatures
0 seconds
Malware Config
Extracted
Language
ps1
Deobfuscated
URLs
ps1.dropper
http://rawcdn.githack.cyou/up.php?key=5
Extracted
Language
ps1
Source
URLs
exe.dropper
http://rawcdn.githack.cyou/up.php?key=6
Extracted
Family
metasploit
Version
encoder/shikata_ga_nai
Extracted
Family
metasploit
Version
windows/single_exec
Targets
-
-
Target
https://evropa2.club/
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Blacklisted process makes network request
-
Loads dropped DLL
-
Modifies file permissions
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Drops file in System32 directory
-
Modifies service
-