General
-
Target
5da7b5a6d79339bb86ba48ed019b947e
-
Size
52KB
-
Sample
240115-vx1qzachf3
-
MD5
5da7b5a6d79339bb86ba48ed019b947e
-
SHA1
60a21e7e72b414578f67cd35147e6711fa0e2b26
-
SHA256
c0f35e299a01580aaf99f6210962689e8aa7b72a90eb1de3cf5ea787abeb8284
-
SHA512
800eec77e7b298999580eb0c73ede4c4a0e01cfed551c4533dd9e0dc477ff3e5628a0ebad02a3575b39d24b0cbc509d2701a56befe1e763fa925b721905c8cb7
-
SSDEEP
1536:8d73zrKfH7uzgsEO6VtnpPOTjoGxOvoHh2RVx:XX1bVJpPOTjoGxOgHh2R
Static task
static1
Behavioral task
behavioral1
Sample
5da7b5a6d79339bb86ba48ed019b947e.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
5da7b5a6d79339bb86ba48ed019b947e.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
-
-
Target
5da7b5a6d79339bb86ba48ed019b947e
-
Size
52KB
-
MD5
5da7b5a6d79339bb86ba48ed019b947e
-
SHA1
60a21e7e72b414578f67cd35147e6711fa0e2b26
-
SHA256
c0f35e299a01580aaf99f6210962689e8aa7b72a90eb1de3cf5ea787abeb8284
-
SHA512
800eec77e7b298999580eb0c73ede4c4a0e01cfed551c4533dd9e0dc477ff3e5628a0ebad02a3575b39d24b0cbc509d2701a56befe1e763fa925b721905c8cb7
-
SSDEEP
1536:8d73zrKfH7uzgsEO6VtnpPOTjoGxOvoHh2RVx:XX1bVJpPOTjoGxOgHh2R
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Adds policy Run key to start application
-
Executes dropped EXE
-
Adds Run key to start application
-