General
-
Target
8ede1122659aae18eb0e66240863e1b721e47bec66d49a1b00f6a4fcca0c5b20
-
Size
47KB
-
Sample
221205-gw21rage5x
-
MD5
11baa7ec67f792ff04c77d2372014461
-
SHA1
9f559e8445499c62eaf1760bf247193462a46657
-
SHA256
8ede1122659aae18eb0e66240863e1b721e47bec66d49a1b00f6a4fcca0c5b20
-
SHA512
e0b9df5567e5e219412f5dd37d5056094ab07ee447fe700816aac495e4fd7233111a04e7dd2e6e4f82dc29a961551cdad87a5e897c43b3fe6f63eb4473fb5685
-
SSDEEP
768:N3PE9iFDZTQnSuPX9dYsvY3X42dJer7CsFja9NSaG6rhR9KLRGa02SLQy5YvmD9L:VE9iFDZTQnSuPX9dYsvY3X42dJer7CQU
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
-
-
Target
8ede1122659aae18eb0e66240863e1b721e47bec66d49a1b00f6a4fcca0c5b20
-
Size
47KB
-
MD5
11baa7ec67f792ff04c77d2372014461
-
SHA1
9f559e8445499c62eaf1760bf247193462a46657
-
SHA256
8ede1122659aae18eb0e66240863e1b721e47bec66d49a1b00f6a4fcca0c5b20
-
SHA512
e0b9df5567e5e219412f5dd37d5056094ab07ee447fe700816aac495e4fd7233111a04e7dd2e6e4f82dc29a961551cdad87a5e897c43b3fe6f63eb4473fb5685
-
SSDEEP
768:N3PE9iFDZTQnSuPX9dYsvY3X42dJer7CsFja9NSaG6rhR9KLRGa02SLQy5YvmD9L:VE9iFDZTQnSuPX9dYsvY3X42dJer7CQU
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Adds policy Run key to start application
-
Executes dropped EXE
-
Adds Run key to start application
-