General

  • Target

    61691a314c2f3d3f825243d9560623cd

  • Size

    102KB

  • Sample

    240117-b2374sedgr

  • MD5

    61691a314c2f3d3f825243d9560623cd

  • SHA1

    644889d387bff0fe25bd9bc2138841a9379f7344

  • SHA256

    f01ed8e6605e38c8c2b59873b5bb927cd9e861e6acc0d5d184757ae6097de137

  • SHA512

    190fd4137108c9f328d3e5abdd709ae26715c921b46fa0f832737db60e606487b49e542c375c847afee0d4c97b5e5aa7e6d8ed2115e0ae469b61d17f1be9195b

  • SSDEEP

    3072:Y3wsezUFc5qVUpxReh0BiU0YADxZo+oaHA+EokeYSNJB:YAsDczx0LJYADxa+oaH3keYS7B

Malware Config

Extracted

Family

metasploit

Version

encoder/fnstenv_mov

Targets

    • Target

      61691a314c2f3d3f825243d9560623cd

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
