General
Target
KmsRNyL4oQ.exe
Size
6.4MB
Sample
220601-s48n2shec9
MD5
d9170f66194db0d9f605edd0dc6c69ca
SHA1
063d5e6a67d18698baa3654a3e7771a3b1a03203
SHA256
d819bda110e3afa9682e7f9b741571b3015c8818e340cf01132ca632717ab178
SHA512
dd5622bd69f55e78ecd6c9d5e36c9972d6c773a3a3a7f8d6a958cf81869df776cc771a750dbdb98fd393ca3cf380ddd272c645c507fac5b3335e43908d5e5002
Static task
static1
Behavioral task
behavioral1
Sample
KmsRNyL4oQ.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
KmsRNyL4oQ.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
metasploit
metasploit_stager
0.0.0.0:0
Targets
Target
KmsRNyL4oQ.exe
Score
10/10
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.