General
-
Target
61e54989f6ac2aea6910d41776c24a66
-
Size
366KB
-
Sample
240117-gkzfgsaee6
-
MD5
61e54989f6ac2aea6910d41776c24a66
-
SHA1
e4d609ba221fe9702432a59d07da1ee458fd72cd
-
SHA256
199bf3de824069fd794e61f830bd5a000f1b722d4344e9481c47a8f12d7684d0
-
SHA512
546b4e9547be159f4af14dc61ea2ff28437f6d1cc2c623061866414d558a37c7e1f1265878a75c3d9a451d838db559562af9cc2c984f8423c000db9942ffe0a9
-
SSDEEP
6144:dUjbqpJZ/x77j/jRbbnYy8upJ+8h5g5qqCGq1K2HD2EzsET8p2r4pnZgZNm7wni:dUipX/tbtbbX8uz+qg5qV0CFzsE9roZr
Static task
static1
Behavioral task
behavioral1
Sample
61e54989f6ac2aea6910d41776c24a66.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
61e54989f6ac2aea6910d41776c24a66.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
metasploit
encoder/fnstenv_mov
Targets
-
-
Target
61e54989f6ac2aea6910d41776c24a66
Score
10/10
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-