General
-
Target
5dcd321fc30d82dc9e7439848ed0da54
-
Size
388KB
-
Sample
240115-xa15bseah3
-
MD5
5dcd321fc30d82dc9e7439848ed0da54
-
SHA1
85e6800abd6a359704db24fc79ca703b471eea2c
-
SHA256
99f1a07b8d4ef5d45fb2133bff97a7bda0c67cdd947fe05b60af3f8d799c28da
-
SHA512
1658bdff57d491c23483344083765a0cfe1f97559d492c326a967d80883eb449d47961ce6582c10e1bdf4b19109ac998cf165d998e7c5d30af835963cbd6f2dc
-
SSDEEP
6144:zPmL+2Xx4Yy0D5eCgz2bRjiRp5y1klnRhPVFd02HaAvPJT5cRgtMx+yEoV5efoN9:Lm6uuAo1zAR0KklRnsOvvPp5cGMAHni
Static task
static1
Behavioral task
behavioral1
Sample
5dcd321fc30d82dc9e7439848ed0da54.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
5dcd321fc30d82dc9e7439848ed0da54.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
metasploit
encoder/fnstenv_mov
Targets
-
-
Target
5dcd321fc30d82dc9e7439848ed0da54
-
Size
388KB
-
MD5
5dcd321fc30d82dc9e7439848ed0da54
-
SHA1
85e6800abd6a359704db24fc79ca703b471eea2c
-
SHA256
99f1a07b8d4ef5d45fb2133bff97a7bda0c67cdd947fe05b60af3f8d799c28da
-
SHA512
1658bdff57d491c23483344083765a0cfe1f97559d492c326a967d80883eb449d47961ce6582c10e1bdf4b19109ac998cf165d998e7c5d30af835963cbd6f2dc
-
SSDEEP
6144:zPmL+2Xx4Yy0D5eCgz2bRjiRp5y1klnRhPVFd02HaAvPJT5cRgtMx+yEoV5efoN9:Lm6uuAo1zAR0KklRnsOvvPp5cGMAHni
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Deletes itself
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Drops file in System32 directory
-