General
-
Target
4e7018d186f59376046e964b8565672cc88637fb525d0ae028e89c372d40a41b
-
Size
64KB
-
Sample
221130-1ys1each2w
-
MD5
e2313df488de5593559050dadf593c9e
-
SHA1
27c09b4f9289c535bd94a64e797af8aa9c75901d
-
SHA256
4e7018d186f59376046e964b8565672cc88637fb525d0ae028e89c372d40a41b
-
SHA512
6e11022d84d127a37443972d7c560604ac7e1d55bae01432a3ad1fb332f1fae698e81eb05e173c37f3c519ab306891fd45d1d0d7a5518c5f4c31b3cbade11b86
-
SSDEEP
1536:nlS16KPw40WiwDwTSjpQMXpd8Zd7r6PQQFVuk9ib4+ydZH:nlzKPw4RDwmmMZudSIwVu7udZH
Behavioral task
behavioral1
Sample
4e7018d186f59376046e964b8565672cc88637fb525d0ae028e89c372d40a41b.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
4e7018d186f59376046e964b8565672cc88637fb525d0ae028e89c372d40a41b.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
metasploit
encoder/shikata_ga_nai
Extracted
metasploit
windows/shell_reverse_tcp
192.168.1.15:22222
Targets
-
-
Target
4e7018d186f59376046e964b8565672cc88637fb525d0ae028e89c372d40a41b
-
Size
64KB
-
MD5
e2313df488de5593559050dadf593c9e
-
SHA1
27c09b4f9289c535bd94a64e797af8aa9c75901d
-
SHA256
4e7018d186f59376046e964b8565672cc88637fb525d0ae028e89c372d40a41b
-
SHA512
6e11022d84d127a37443972d7c560604ac7e1d55bae01432a3ad1fb332f1fae698e81eb05e173c37f3c519ab306891fd45d1d0d7a5518c5f4c31b3cbade11b86
-
SSDEEP
1536:nlS16KPw40WiwDwTSjpQMXpd8Zd7r6PQQFVuk9ib4+ydZH:nlzKPw4RDwmmMZudSIwVu7udZH
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Executes dropped EXE
-
Loads dropped DLL
-