General
-
Target
2841888a335b596b8689602c178d214a917156948feee5fbc87488daf4cf64ba
-
Size
47KB
-
Sample
221128-wll9waea85
-
MD5
3276c7c368e7e98ec2a3b2a56424e23a
-
SHA1
2d274d298a450119352e7e249200485378142c8f
-
SHA256
2841888a335b596b8689602c178d214a917156948feee5fbc87488daf4cf64ba
-
SHA512
6e874b58015d14cc0b8826f4fc771df9de862a02c04bac3e56397979cfc3a161e5f6b6ae513a21cdc33b9fd36a5dc562b971c78eb65a6dba476ed0fedbead314
-
SSDEEP
768:0eDJW5CopPSFD6Y78fm6AjUNwacw/fClaIex9XaAVnoCY2DiLN7f8shrzPsOJYJJ:1DE5CwsHgfmvCw8/aUxV0Cdebt1zcFVl
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
-
-
Target
2841888a335b596b8689602c178d214a917156948feee5fbc87488daf4cf64ba
-
Size
47KB
-
MD5
3276c7c368e7e98ec2a3b2a56424e23a
-
SHA1
2d274d298a450119352e7e249200485378142c8f
-
SHA256
2841888a335b596b8689602c178d214a917156948feee5fbc87488daf4cf64ba
-
SHA512
6e874b58015d14cc0b8826f4fc771df9de862a02c04bac3e56397979cfc3a161e5f6b6ae513a21cdc33b9fd36a5dc562b971c78eb65a6dba476ed0fedbead314
-
SSDEEP
768:0eDJW5CopPSFD6Y78fm6AjUNwacw/fClaIex9XaAVnoCY2DiLN7f8shrzPsOJYJJ:1DE5CwsHgfmvCw8/aUxV0Cdebt1zcFVl
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Adds policy Run key to start application
-
Executes dropped EXE
-
Adds Run key to start application
-