General
Target
78f1c99154816317fae2c68f6310ae71.exe
Size
28KB
Sample
210725-wgdbbyc276
MD5
78f1c99154816317fae2c68f6310ae71
SHA1
a91ff3bd6339cc48712571ee539c974024236033
SHA256
5dc5d009a19088a3c39c66eb561c7444eaebf1b46ff2982ece0b4352ba769fa2
SHA512
f13c4ff6bb1402acc9d9020c17d9dc7ac74bc49d85a4783368487cfea9fb4f49f79bccfd46ecbc2496305fe03e93ee19f70a6863877ba207b5a25321ac89b65d
Static task
static1
Behavioral task
behavioral1
Sample
78f1c99154816317fae2c68f6310ae71.exe
Resource
win7v20210410
Behavioral task
behavioral2
Sample
78f1c99154816317fae2c68f6310ae71.exe
Resource
win10v20210408
Malware Config
Extracted
metasploit
windows/download_exec
http://5.189.184.60:443/components/massaction.ico
Targets
Target
78f1c99154816317fae2c68f6310ae71.exe
Score
10/10
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Suspicious use of NtCreateProcessExOtherParentProcess