General
-
Target
14bd8ce373bf64dc8f78775f284ce5449cc350796a4b53c27505c4f9bcba0379
-
Size
51KB
-
Sample
220602-xftx7saag6
-
MD5
577eab90797f2804a44cce6241eb9c22
-
SHA1
6bee48fb567b6f0acc2cd129741f0351b961c89f
-
SHA256
14bd8ce373bf64dc8f78775f284ce5449cc350796a4b53c27505c4f9bcba0379
-
SHA512
e5a5140424c5dcfccd2dafc34bdf2232dd2d046dd933f47053b9278ccf1f67e3a61110da0c81c9f419a42a0a4538c97c5dba1b8a6dba800d0186b69a07d9770c
Static task
static1
Behavioral task
behavioral1
Sample
14bd8ce373bf64dc8f78775f284ce5449cc350796a4b53c27505c4f9bcba0379.docm
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
14bd8ce373bf64dc8f78775f284ce5449cc350796a4b53c27505c4f9bcba0379.docm
Resource
win10v2004-20220414-en
Malware Config
Extracted
metasploit
encoder/shikata_ga_nai
Extracted
metasploit
windows/reverse_http
http://191.101.42.179:8080/HxJOy7n0CJvydvN3qZ2FLgqSDe-upNDe0J0Ts0S_QVE3U8qmdyykRSnD6T_HvD7La8DNmDu0GFUno6sSH6E1kyH1KFLrK-sU2mx6mwqnG4gBWa7BSH61LeWes6_ip9ijxEIdPAmYbrc9mOjG3ohA4KJrSn_hMCCfI9Pc_7hBhp
Targets
-
Target
14bd8ce373bf64dc8f78775f284ce5449cc350796a4b53c27505c4f9bcba0379
-
Score
10/10
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Executes dropped EXE
-
Loads dropped DLL
-