General
Target
8c7efff245539ef8e63c62a305c57fbddf30244b9f12765f6df22b6321871bbc
Size
129KB
Sample
220520-fp1zfadgfq
MD5
35908bef40dcc6d9037f9c7c5d06ae76
SHA1
fafaaf13dd7dcce18cfb8ef669dbbd949d7dcc66
SHA256
8c7efff245539ef8e63c62a305c57fbddf30244b9f12765f6df22b6321871bbc
SHA512
96ea1f29837cba383926a21dbabc14d8fe631426697761a92aa7c099b6c7cbb40892cc2c68302c5abfea48e4ef748562aa241c08ca950bcbf2aeccef21866219
Static task
static1
Behavioral task
behavioral1
Sample
8c7efff245539ef8e63c62a305c57fbddf30244b9f12765f6df22b6321871bbc.doc
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
8c7efff245539ef8e63c62a305c57fbddf30244b9f12765f6df22b6321871bbc.doc
Resource
win10v2004-20220414-en
Malware Config
Extracted
metasploit
metasploit_stager
18.195.167.84:80
Targets
Target
8c7efff245539ef8e63c62a305c57fbddf30244b9f12765f6df22b6321871bbc
Score
10/10
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Suspicious use of NtCreateUserProcessOtherParentProcess
Suspicious use of SetThreadContext