General
Target: fb574ce91d1f96fb8abacc141cac5b6d
Size: 45KB
Sample: 230125-j1v44sha7w
MD5: fb574ce91d1f96fb8abacc141cac5b6d
SHA1: 5343fae4dd5b99b363fa7f4b7862cd94f5213b74
SHA256: a9cda69c1f0e51550630a521f41298118b43ba29adc4ec8ee9843f6e849ff875
SHA512: 29c0713b437148e8f1a70bb86a4998a78ab74959e48cf57a70af6f010715a98bcf8507c7f5f8fb4071b977989946e3afed595f971d81f7a88972a39cd3eb940e
SSDEEP: 768:2qOiPLVAxKFAbYH3IZTWk45ZNOvi0gcmBJ:wiPBvFz8tOF
Behavioral task: behavioral1
Sample: fb574ce91d1f96fb8abacc141cac5b6d.doc
Resource: win7-20221111-en
Behavioral task: behavioral2
Sample: fb574ce91d1f96fb8abacc141cac5b6d.doc
Resource: win10v2004-20220812-en
Malware Config
Extracted
metasploit
windows/reverse_tcp
192.168.72.130:1234
Targets
Target: fb574ce91d1f96fb8abacc141cac5b6d
Score: 10/10

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.