General
-
Target
paste-battar-2020-12-30.vba
-
Size
7KB
-
Sample
201231-v5e4r3mj26
-
MD5
2d279b1ff24694aedac0940f3e297a71
-
SHA1
983522f60204a435e0b05ee93608303c177a296d
-
SHA256
ed7953e4573f862ce1ff418416e392670944a7d1f25ce25b2164c903470b6daf
-
SHA512
3948feaefed27971edf6d8f725a867b6975f54e9f9e183dfa8f61482303a300cb7910a920cf98ee5e7b65ef4e302f6da4b39d9a9a69cfd2b9c71af0cd1e9cde3
Static task
static1
Behavioral task
behavioral1
Sample
paste-battar-2020-12-30.vba.vbs
Resource
win7v20201028
Behavioral task
behavioral2
Sample
paste-battar-2020-12-30.vba.vbs
Resource
win10v20201028
Malware Config
Extracted
metasploit
encoder/shikata_ga_nai
Extracted
metasploit
windows/reverse_tcp
192.168.77.130:8080
Targets
Target
paste-battar-2020-12-30.vba
Score
10/10
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Executes dropped EXE
-