General
-
Target
13f1cc34741efecd61a40e3fe5f013870290795d4e5cc5c168ab8826a6ffcd15
-
Size
1.0MB
-
Sample
220127-2g86qscdf5
-
MD5
5bfaef76008edad4f98eb2e70db7a1a2
-
SHA1
5d501d6a281c67acc3f994113d1eb0862b615a86
-
SHA256
13f1cc34741efecd61a40e3fe5f013870290795d4e5cc5c168ab8826a6ffcd15
-
SHA512
f195400ae447ae49326c7ff6cbcbaf2704f2e11d409e4ffb85193c977139f6a96f83170430786a6ae333fefe1fa966e3ea5f0c1663a467953b9040f7dc342693
Static task
static1
Behavioral task
behavioral1
Sample
13f1cc34741efecd61a40e3fe5f013870290795d4e5cc5c168ab8826a6ffcd15.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
13f1cc34741efecd61a40e3fe5f013870290795d4e5cc5c168ab8826a6ffcd15.exe
Resource
win10-en-20211208
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
-
-
Target
13f1cc34741efecd61a40e3fe5f013870290795d4e5cc5c168ab8826a6ffcd15
-
Size
1.0MB
-
MD5
5bfaef76008edad4f98eb2e70db7a1a2
-
SHA1
5d501d6a281c67acc3f994113d1eb0862b615a86
-
SHA256
13f1cc34741efecd61a40e3fe5f013870290795d4e5cc5c168ab8826a6ffcd15
-
SHA512
f195400ae447ae49326c7ff6cbcbaf2704f2e11d409e4ffb85193c977139f6a96f83170430786a6ae333fefe1fa966e3ea5f0c1663a467953b9040f7dc342693
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Suspicious use of SetThreadContext
-