General
-
Target
5e9013e22ff455200a1a014780dbdd5e
-
Size
497KB
-
Sample
240116-bfjxcaabap
-
MD5
5e9013e22ff455200a1a014780dbdd5e
-
SHA1
0e6373420a6a2d58e8bf9421c0c1965aa7992974
-
SHA256
cfe125f36d37de26cd3d2003ca27710e67ea988c30bfa3a83b86a56cc1f35e6e
-
SHA512
38942b9965445b68e997c34be7b17ced7461f2a290bb633cbcaf95f1cd7b97fb9ae168664174c712b79d866bc5a366395c31bc4548cbb0cda5b98c2fbe28f8c2
-
SSDEEP
6144:djrovygY18ZTb218VhPMeaHd7mKo5x12zELLWHicDwxEMGwBMxCtiozL7z3:Dy5hPMeaHro5x5c8xEMGwpXX
Static task
static1
Behavioral task
behavioral1
Sample
5e9013e22ff455200a1a014780dbdd5e.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
5e9013e22ff455200a1a014780dbdd5e.exe
Resource
win10v2004-20231222-en
Malware Config
Extracted
metasploit
encoder/fnstenv_mov
Targets
Score 10/10
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Modifies security service
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-