General
-
Target
523d75144c7a7c4baf6bb4fc17d888a663a3ab060e2f1e4865a4efc9a72539f5
-
Size
1.7MB
-
Sample
240117-jcf1aaahfm
-
MD5
ce0bb05e5604dfaed9e05958612c4382
-
SHA1
982a94bc8969e7cf3f88cb4f574be7c6b8ac4ff0
-
SHA256
523d75144c7a7c4baf6bb4fc17d888a663a3ab060e2f1e4865a4efc9a72539f5
-
SHA512
8fe2bff1ecb49502346c99efcf04d431be3bae0a9427d1a58cf42bb51602545e1d0cd188188f9af4936fee3b69d6853387244f58eabde056fe8e72b602dcc64d
-
SSDEEP
49152:oeNIq8D4EAQ9+5/34BjIsC15/Gp4h1LC979wt6Fs:978sg+5f4BO15q4h1LC9Rwys
Static task
static1
Behavioral task
behavioral1
Sample
523d75144c7a7c4baf6bb4fc17d888a663a3ab060e2f1e4865a4efc9a72539f5.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
523d75144c7a7c4baf6bb4fc17d888a663a3ab060e2f1e4865a4efc9a72539f5.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
metasploit
windows/shell_reverse_tcp
104.194.78.162:4444
Targets
-
-
Target
523d75144c7a7c4baf6bb4fc17d888a663a3ab060e2f1e4865a4efc9a72539f5
Score
10/10
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-