General
-
Target
1be00304d3b47ee886ab38c9ffa831a5dcbd0d087d7951462be7e3e0bbb24c9a
-
Size
30KB
-
Sample
220708-zgrwcagbfn
-
MD5
1f99155b3e9e1aac1673e6a80424d956
-
SHA1
ab70b90e6018c2d59aa4c8e48dabe28f94993c51
-
SHA256
1be00304d3b47ee886ab38c9ffa831a5dcbd0d087d7951462be7e3e0bbb24c9a
-
SHA512
bbbf9a93ac243d745eb7963a5829c500dbc41340f2333da4f8a40850dd43f1c353442a6d7613df0aafc62c3194050bdd3754c778a95c42bd410d2418f1a768fd
Static task
static1
Behavioral task
behavioral1
Sample
1be00304d3b47ee886ab38c9ffa831a5dcbd0d087d7951462be7e3e0bbb24c9a.vbs
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
1be00304d3b47ee886ab38c9ffa831a5dcbd0d087d7951462be7e3e0bbb24c9a.vbs
Resource
win10v2004-20220414-en
Malware Config
Extracted
metasploit
windows/download_exec
http://ctfd.top:8080/2nyC
- headers User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko Host: ctfd.top
Targets
-
-
Target
1be00304d3b47ee886ab38c9ffa831a5dcbd0d087d7951462be7e3e0bbb24c9a
-
Size
30KB
-
MD5
1f99155b3e9e1aac1673e6a80424d956
-
SHA1
ab70b90e6018c2d59aa4c8e48dabe28f94993c51
-
SHA256
1be00304d3b47ee886ab38c9ffa831a5dcbd0d087d7951462be7e3e0bbb24c9a
-
SHA512
bbbf9a93ac243d745eb7963a5829c500dbc41340f2333da4f8a40850dd43f1c353442a6d7613df0aafc62c3194050bdd3754c778a95c42bd410d2418f1a768fd
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Executes dropped EXE
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-