General
- Target: cb3b270b7bb265618fefb258265427655eda4330669612bf9f9df1bd3eac012b
- Size: 841KB
- Sample: 221203-fjgcvafd94
- MD5: 5725decdb18c79f27a032e279cd984bc
- SHA1: 01154e4dadad43d5112c37bd609bdc58acc4f6c6
- SHA256: cb3b270b7bb265618fefb258265427655eda4330669612bf9f9df1bd3eac012b
- SHA512: a47d042c7731be8f43598fdf22ebff9df1f5db791bd2ebd423f1e532d2291ef472e57b7d883c78d23cc089ec73035150a43978ce828376b548d6846da059c969
- SSDEEP: 24576:5O/JS1kUo4A4dv0djeIfO7oNUcpeqqZmudmg:5CBUo14V8jhUCBqZmuwg
Static task
- static1

Behavioral task
- behavioral1
- Sample: cb3b270b7bb265618fefb258265427655eda4330669612bf9f9df1bd3eac012b.exe
- Resource: win7-20221111-en

Behavioral task
- behavioral2
- Sample: cb3b270b7bb265618fefb258265427655eda4330669612bf9f9df1bd3eac012b.exe
- Resource: win10v2004-20220901-en
Malware Config
- Extracted: metasploit
- Encoder: encoder/call4_dword_xor
Targets
- Target: cb3b270b7bb265618fefb258265427655eda4330669612bf9f9df1bd3eac012b
Score: 10/10

Signatures
- MetaSploit: Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
- Drops file in Drivers directory
- Checks BIOS information in registry: BIOS information is often read in order to detect sandboxing environments.
- Identifies Wine through registry keys: Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.