General
Target: 6b9828ca9587d5bdea51ce6608623e588ca6851c7f78c83d5d399637a3f7bbc7
Size: 3.0MB
Sample: 240117-g967mabac8
MD5: 2e4886eca495e5e120c96b826f131c3d
SHA1: 7f4b1cf46745562dc46bcd012082b017c52f99d5
SHA256: 6b9828ca9587d5bdea51ce6608623e588ca6851c7f78c83d5d399637a3f7bbc7
SHA512: 4cd939b4142576a043991e7705771fbee3ce2fd133e5c8bd34558226114bce929a831cacb4afc3fbfa43e0a6bdbea7d1dd5af889f95a07f282792e44fdcbc082
SSDEEP: 49152:0HxO2TIGghH+hkDFyTrEAfBQwMh6Qe7VLOhI:E3wN
Static task: static1
Behavioral task: behavioral1
Sample: 6b9828ca9587d5bdea51ce6608623e588ca6851c7f78c83d5d399637a3f7bbc7.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 6b9828ca9587d5bdea51ce6608623e588ca6851c7f78c83d5d399637a3f7bbc7.exe
Resource: win10v2004-20231215-en
Malware Config
Extracted
metasploit
encoder/shikata_ga_nai
Extracted
metasploit
windows/reverse_tcp
104.194.78.162:9003
Targets
Target: 6b9828ca9587d5bdea51ce6608623e588ca6851c7f78c83d5d399637a3f7bbc7
Score: 10/10
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Executes dropped EXE
Suspicious use of NtSetInformationThreadHideFromDebugger