General
Target
Invoice-1002.pdf
Size
87KB
Sample
210506-ew8jdl6z46
MD5
57e89c28665801cb8448937e05dd89d5
SHA1
5a75811a2db79ad2108188a7d1c3377493383f9e
SHA256
a80576f241544e6fbd0a229b4d969f9934a77e8dc26f53b1243e7f639f28bcc6
SHA512
58720ad2a5b85389f38082a67c1e4aee8b9e248543e3091bad8515ed049b04e3fa684def2c04d3d914e8fdf4fa81e9971d942f8bac53bca14419aa0ffec8cd17
Static task
static1
Behavioral task
behavioral1
Sample
Invoice-1002.pdf
Resource
win7v20210410
Behavioral task
behavioral2
Sample
Invoice-1002.pdf
Resource
win10v20210408
Behavioral task
behavioral3
Sample
1002-Contoso.pdf.exe
Resource
win7v20210410
Behavioral task
behavioral4
Sample
1002-Contoso.pdf.exe
Resource
win10v20210410
Malware Config
Extracted
metasploit
windows/reverse_tcp
172.19.255.48:443
Targets
Target
Invoice-1002.pdf
Score 10/10
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Executes dropped EXE
Loads dropped DLL
Target
1002-Contoso.pdf
Size
72KB
MD5
b6c91d5c68529f39be286ced0e473a63
SHA1
cfe3312ace153f13faa6da5defd0bd57c7f85aee
SHA256
f436586c9c49e46a759d7fa07853b1d5c54ff6c42133db68bd03c97eef4ea997
SHA512
0d78ed3ceade93596d10419316059faa6f53ecb805f2885055545157009062e2f99b8058b5c77d3e9e9e8b944abdbd3705e37887b4ed52b0168d460af6c669f9
Score 10/10
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.