General
Target: 5145994822189056.zip
Size: 254KB
Sample: 201123-v97282yt96
MD5: 964a7122bc78ba984931a46f0167d33f
SHA1: a5f249114ead341b937e317556470dff29f8928b
SHA256: 0565733747d017f4de473dfd545bd3be947d7e1f105501ff9ee0d4ca42c08a5b
SHA512: e1b8e9d6d1aff5a3ecbc9ddd5b7e1594a5385ca21931d5f6b10585d27c01eea32a060d36071d753bbac5806d8a858f0372f9430b3c7329c97519aa8c9494e254
Static task: static1
Behavioral task: behavioral1
Sample: 991a222bdbeb5d25b9f9445496112af904ac7b677b6296810727e6e403f5f5eb.dll
Resource: win7v20201028
Behavioral task: behavioral2
Sample: 991a222bdbeb5d25b9f9445496112af904ac7b677b6296810727e6e403f5f5eb.dll
Resource: win10v20201028
Malware Config
Extracted
metasploit
windows/download_exec
http://kungfupandasa.com:443/wp-includes/boxes.png
Targets
Target: 991a222bdbeb5d25b9f9445496112af904ac7b677b6296810727e6e403f5f5eb
Size: 673KB
MD5: 5c1fce8fa3e228b8f2641bb1f7a29c3f
SHA1: 29234654f799ff6ea89fada6af32763c02fff1eb
SHA256: 991a222bdbeb5d25b9f9445496112af904ac7b677b6296810727e6e403f5f5eb
SHA512: 2452da3830efa1a42625fa68c6858eac3625b5bdf7100cf06a424bc2b9ffd488f58c689ac4e6c71f2e25171c3a118dfb5771a9725f46a8208f147838bfa57add
Score: 10/10
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Suspicious use of NtCreateProcessExOtherParentProcess