General
-
Target
f91dc9c9ea3647012ff2b218237ca8b8a722b8f9c752dd74e4968d4154d6f8ff
-
Size
486KB
-
Sample
221127-xjggaaef6w
-
MD5
58f225226e709ce3bf867d59e8be4820
-
SHA1
d88107d42968e2441368eea84286a587ad8f1fdb
-
SHA256
f91dc9c9ea3647012ff2b218237ca8b8a722b8f9c752dd74e4968d4154d6f8ff
-
SHA512
5b22a2d144ca83434ba0ea9e88d198a3cd344a95e9275c85f356f9e075556af6b95ae46585ed91c436d7ae21ab6afe0f4447edfe2d1758ef53e2decc37fe0d3e
-
SSDEEP
12288:jFJs3XraGmcmd/26o9juQ+pDQZPpWubrG/+9P/9YYbTH:jjs3XFxxpJ+pDKR9nKoTH
Behavioral task
behavioral1
Sample
f91dc9c9ea3647012ff2b218237ca8b8a722b8f9c752dd74e4968d4154d6f8ff.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
f91dc9c9ea3647012ff2b218237ca8b8a722b8f9c752dd74e4968d4154d6f8ff.exe
Resource
win10v2004-20221111-en
Malware Config
Extracted
metasploit
encoder/shikata_ga_nai
Extracted
metasploit
windows/shell_reverse_tcp
8.8.8.8:443
Targets
-
-
Target
f91dc9c9ea3647012ff2b218237ca8b8a722b8f9c752dd74e4968d4154d6f8ff
Score
10/10
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
AutoIT Executable
AutoIT scripts compiled to PE executables.
-
Suspicious use of SetThreadContext
-