General
Target
6d0aece3_by_Libranalysis
Size
156KB
Sample
210509-91h1c14mmj
MD5
6d0aece3c6c497e5c95f5211391eeb5a
SHA1
27fe022501362ce3d8aad3d8d0ecf0b869580ba0
SHA256
9dc9fec6cfd0f7e565d2bcc58cc487f720d1b25bb650cb34431372d89c515fb5
SHA512
59e6e29a37d37e54ac1c75820f35fa5a4c0fccbe6a7962addd6e929bcd75e8e8465a5c6b59f28b22d14e54a76bc619440bbc5374265072b2bf9145cf100eb7f0
Static task
static1
Behavioral task
behavioral1
Sample
6d0aece3_by_Libranalysis.msi
Resource
win7v20210408
Behavioral task
behavioral2
Sample
6d0aece3_by_Libranalysis.msi
Resource
win10v20210410
Malware Config
Extracted
metasploit
windows/reverse_tcp
3.22.53.161:10939
Targets
Target
6d0aece3_by_Libranalysis
Score
10/10
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Executes dropped EXE
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.