General
Target
23189cc64c0ccd26a4ddd11602b4af76bd2e381a0a28250bf257d8e239c42e52
Size
95KB
Sample
220612-c9fmfsbacl
MD5
c74bb08e57a5cb5535b6348f2272ced9
SHA1
fcf7da57789483170bd787e33175c112c776792c
SHA256
23189cc64c0ccd26a4ddd11602b4af76bd2e381a0a28250bf257d8e239c42e52
SHA512
0f8179c997cff1cd793aa51256e5070f4766722cee166674c40586e976656bfd01305996f44092d7fdede9e2504ca67a3c12e1bbbbbf704ce4758b1106ad90ee
Static task
static1
Behavioral task
behavioral1
Sample
23189cc64c0ccd26a4ddd11602b4af76bd2e381a0a28250bf257d8e239c42e52.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
23189cc64c0ccd26a4ddd11602b4af76bd2e381a0a28250bf257d8e239c42e52.exe
Resource
win10v2004-20220414-en
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
Target
23189cc64c0ccd26a4ddd11602b4af76bd2e381a0a28250bf257d8e239c42e52
Score 10/10
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application
Suspicious use of SetThreadContext