General
-
Target
227e8678d85bff501bb909e0d61ee25554bf99c94e47c0194da53e7c246687f9
-
Size
1.0MB
-
Sample
220127-z81mkabch3
-
MD5
af064499da08c11936e3c1d66acae650
-
SHA1
8cb2db16546062d3b262a61c5a9c1f025662f19d
-
SHA256
227e8678d85bff501bb909e0d61ee25554bf99c94e47c0194da53e7c246687f9
-
SHA512
0540d3fdaf5a0d8ea05647bca0967467725148dc8fe7f97705218000fa38bbad4d31abc03cfd2ba0bb532c73cdebec53f9a78e83b5488e3b59a6458afd5edbd2
Static task
static1
Behavioral task
behavioral1
Sample
227e8678d85bff501bb909e0d61ee25554bf99c94e47c0194da53e7c246687f9.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
227e8678d85bff501bb909e0d61ee25554bf99c94e47c0194da53e7c246687f9.exe
Resource
win10-en-20211208
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
-
-
Target
227e8678d85bff501bb909e0d61ee25554bf99c94e47c0194da53e7c246687f9
-
Size
1.0MB
-
MD5
af064499da08c11936e3c1d66acae650
-
SHA1
8cb2db16546062d3b262a61c5a9c1f025662f19d
-
SHA256
227e8678d85bff501bb909e0d61ee25554bf99c94e47c0194da53e7c246687f9
-
SHA512
0540d3fdaf5a0d8ea05647bca0967467725148dc8fe7f97705218000fa38bbad4d31abc03cfd2ba0bb532c73cdebec53f9a78e83b5488e3b59a6458afd5edbd2
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Suspicious use of SetThreadContext
-