General
Target: 166.exe
Size: 14KB
Sample: 201128-l9a8hjxj32
MD5: d04c8789ef1d1c939eeddf843ffc3d23
SHA1: 6ba8e4a6d3006876cece1e105da552f04ed2d77c
SHA256: 4c32d37b3cdcd4c345012a832191192b05dda501f444aa5d4ce17037b36eac23
SHA512: 7cc16141428f9617f078e39a61f769bdf2a78f1c8c552b0f3f0e67035bc27e3bf37fd12bbb613970319f9fe1189e90090c8636a786d6880b805bf38a868028a3
Static task: static1
Behavioral task: behavioral1
Sample: 166.exe
Resource: win7v20201028
Behavioral task: behavioral2
Sample: 166.exe
Resource: win10v20201028
Malware Config
Extracted
metasploit
windows/download_exec
http://185.153.199.166:80/pj8J
- headers User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; BOIE9;NLNL)
Targets
Target: 166.exe
Score: 10/10
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.