General
-
Target
8e2740916af9e933ff2afe5ce158af4220798875e18c148fa2b96530af260933
-
Size
124KB
-
Sample
221203-aw6klsda3s
-
MD5
529fade9b912037e65c8765d35d4b066
-
SHA1
108edd33406cda07d8ee2a87df8d305159aa7a25
-
SHA256
8e2740916af9e933ff2afe5ce158af4220798875e18c148fa2b96530af260933
-
SHA512
1d7d1e006786a31a10b77a2634a480e35815dc8d18d34a0d3230fefed671d7a0a5377668d71fb44cca2a69ab0a344125b865122052ba56d8a1e45431c0189c17
-
SSDEEP
1536:khqSYtGeGemOBKu9eL5/4weWWzmrn14z7/zstv9ScRIMU/wAGrw1e5aRLW2/:7eVwweWUmr1S7/zw1R/UYAx1GYWO
Static task
static1
Behavioral task
behavioral1
Sample
8e2740916af9e933ff2afe5ce158af4220798875e18c148fa2b96530af260933.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
8e2740916af9e933ff2afe5ce158af4220798875e18c148fa2b96530af260933.exe
Resource
win10v2004-20220812-en
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
-
-
Target
8e2740916af9e933ff2afe5ce158af4220798875e18c148fa2b96530af260933
-
Size
124KB
-
MD5
529fade9b912037e65c8765d35d4b066
-
SHA1
108edd33406cda07d8ee2a87df8d305159aa7a25
-
SHA256
8e2740916af9e933ff2afe5ce158af4220798875e18c148fa2b96530af260933
-
SHA512
1d7d1e006786a31a10b77a2634a480e35815dc8d18d34a0d3230fefed671d7a0a5377668d71fb44cca2a69ab0a344125b865122052ba56d8a1e45431c0189c17
-
SSDEEP
1536:khqSYtGeGemOBKu9eL5/4weWWzmrn14z7/zstv9ScRIMU/wAGrw1e5aRLW2/:7eVwweWUmr1S7/zw1R/UYAx1GYWO
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Adds policy Run key to start application
-
Executes dropped EXE
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-