General
Target: 028693ded0839fd9d2b58441cdf1ec16c65edb7848b148f67c9c327fd9f56908
Size: 126KB
Sample: 220528-en8gfscdem
MD5: 777be51c882ac8b00427dd4a8a176572
SHA1: f829eed157893d16a243cda99b1b8a138805e143
SHA256: 028693ded0839fd9d2b58441cdf1ec16c65edb7848b148f67c9c327fd9f56908
SHA512: 6a5c6f29f10501903e424a2392832423007ad4ed3fad2c6d5dc43646e8b6abf74dcb7f514e6894ca9809a2ae8c6f129f3e838342afc8fce20edb915397ef2604
Static task: static1
Behavioral task: behavioral1
Sample: 028693ded0839fd9d2b58441cdf1ec16c65edb7848b148f67c9c327fd9f56908.exe
Resource: win7-20220414-en
Malware Config
Extracted
sality
Extracted
metasploit
encoder/call4_dword_xor
Targets
Target: 028693ded0839fd9d2b58441cdf1ec16c65edb7848b148f67c9c327fd9f56908
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Modifies firewall policy service