General

Target: 3fa98e5083ee3e162e70b81eabf2275a50a2e27cb11a7b14f18be951a8be3c12
Size: 98KB
Sample: 220630-3jmaeseba8
Score: 10/10
MD5: 9c7f5c15b94e9e1ad1301ffe3e69424f
SHA1: b53adf7466534f9c0ec06f3ee9cf16f629b665ca
SHA256: 3fa98e5083ee3e162e70b81eabf2275a50a2e27cb11a7b14f18be951a8be3c12
SHA512: 456ae297445a7b0c92a3f2fd913c335e1d4085d9e54259ac1f27db18994669d6202cbb02fa2944bd58dd0e623a317c8a70801d7f2e3c82d4feb509a15025206a

Malware Config

Extracted
Family: metasploit
Version: encoder/call4_dword_xor

Targets

Target: 3fa98e5083ee3e162e70b81eabf2275a50a2e27cb11a7b14f18be951a8be3c12
Signatures

  • MetaSploit
    Description: Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

  • Suspicious use of SetThreadContext

Related Tasks

MITRE ATT&CK Matrix

Columns: Collection, Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation

Tasks

  • static1
    Score: N/A

  • behavioral1
    Score: 10/10

  • behavioral2
    Score: 10/10