General
-
Target
1e35ab4e4a1c4c42c6fbc59eb83a6b70a40750ab32edcb8de184cba3b1686c8c
-
Size
1.1MB
-
Sample
220127-1gscjsbee7
-
MD5
abf13df77cefba6d01217f1734464842
-
SHA1
d2fff6e6d42540ef6570ca324706c73ee3a594f4
-
SHA256
1e35ab4e4a1c4c42c6fbc59eb83a6b70a40750ab32edcb8de184cba3b1686c8c
-
SHA512
85a8af3703dfa17ee3933e7a14ec375fcd2bf4c6a3ecbfc2581d412d7dcab45f096ac77369af0728e045eaaffb001a7bf2a027d267442219e10f66b699c4a9c7
Static task
static1
Behavioral task
behavioral1
Sample
1e35ab4e4a1c4c42c6fbc59eb83a6b70a40750ab32edcb8de184cba3b1686c8c.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
1e35ab4e4a1c4c42c6fbc59eb83a6b70a40750ab32edcb8de184cba3b1686c8c.exe
Resource
win10-en-20211208
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
Target
1e35ab4e4a1c4c42c6fbc59eb83a6b70a40750ab32edcb8de184cba3b1686c8c
Score
10/10
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Suspicious use of SetThreadContext
-