General
Target
110d349330b5310cea201212a7c99ec612eab7679925b8129a551118b9a2da73
Size
1.3MB
Sample
220604-l3amasagc7
MD5
287bba37fa0a4b4d96cdf3125ea69fda
SHA1
a5f2ab561307baf4cd9c751f77bef01fd341ef46
SHA256
110d349330b5310cea201212a7c99ec612eab7679925b8129a551118b9a2da73
SHA512
435d2b19a6e7eb3bc71426f9e4e189352f6c37e28c36cccc55857c1cf724d9553b262c0a168b57e58f14032eb98c211bd63638fb4d9cf3e810670553de831553
Static task
static1
Behavioral task
behavioral1
Sample
110d349330b5310cea201212a7c99ec612eab7679925b8129a551118b9a2da73.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
110d349330b5310cea201212a7c99ec612eab7679925b8129a551118b9a2da73.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
Target
110d349330b5310cea201212a7c99ec612eab7679925b8129a551118b9a2da73
Score
10/10
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory