General
Target
117e78ac2b086f84ddb1f923d7099270d733938f49b0d600cc1d7a8d4b56e7ad
Size
200KB
Sample
220604-d4jbtscdaj
MD5
8f3dacfa466cb6d04c3aa57c1e080568
SHA1
e92b4b6cdf20a8b6e94fbe323ef291ab404891b9
SHA256
117e78ac2b086f84ddb1f923d7099270d733938f49b0d600cc1d7a8d4b56e7ad
SHA512
93ac418a733527090e8df76078dfe62901774535d903c5e5b799139108d7b0ff75c9776106674fbc81ed46912b0dc1e52e3a4f294018ff10251eaf9ff76cd410
Static task
static1
Behavioral task
behavioral1
Sample
117e78ac2b086f84ddb1f923d7099270d733938f49b0d600cc1d7a8d4b56e7ad.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
117e78ac2b086f84ddb1f923d7099270d733938f49b0d600cc1d7a8d4b56e7ad.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
Target
117e78ac2b086f84ddb1f923d7099270d733938f49b0d600cc1d7a8d4b56e7ad
Score
10/10
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Suspicious use of SetThreadContext