General
-
Target
2fa943c5900d06592383233dfc8258014945f353ee3f17ac4288ac6e465394ec
-
Size
252KB
-
Sample
220621-ybjgcabbhp
-
MD5
46cef83221baed860741d5ea8d69ab55
-
SHA1
15afff44738afbcefa27d1eb7bcd78cf6faebb6d
-
SHA256
2fa943c5900d06592383233dfc8258014945f353ee3f17ac4288ac6e465394ec
-
SHA512
20fb1609704749556c3694faba45b46e1a5a2f8fdcbd4a293d881bb746f8a2b4ecec9431671af7f3ddb5140f54976354bf3ed8f332d87ca325e7f446312248e3
Static task
static1
Behavioral task
behavioral1
Sample
salary_ranges.docm
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
salary_ranges.docm
Resource
win10v2004-20220414-en
Malware Config
Extracted
metasploit
windows/reverse_http
http://intranet.iml-bank.info:8443/bYdlO5EaAdxEN0U2HZnuJgNIg3DW9OTJnb8evXSt58vYMLdYSI0mna6_pJRRxZXDbngIH_8E88XkC337M3U3EQJNFwHQJtiw8a8bTNqNcc-niwQ-nqOBcnfqorz6aMGUvym9oK5dH3ctbP8zV
Targets
-
-
Target
salary_ranges.docm
-
Size
255KB
-
MD5
ed3b4e9f3e4ecaa892a385bf73637b7d
-
SHA1
cbe4f0dfe65091ac454323821a87bf4811a4b985
-
SHA256
20e34ba4bc010f84a75d72ee6dad0b1a0524b56fa5268deb84a3d88c4ed87880
-
SHA512
bfc5f7db658e893bffe4bc08b4916d1478349198b1b80c822ece134689f171c8ce5334893150cbb6cbacd98f5f8ae4489dcf5a86006f0ffc802057e0eacd7fb1
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Executes dropped EXE
-
Loads dropped DLL
-