General

  • Target

    62469584afb91c737f63235574ea6508

  • Size

    19KB

  • Sample

    240117-k72qxadbe4

  • MD5

    62469584afb91c737f63235574ea6508

  • SHA1

    e8680412ee53639116f06520efaa2e8175069596

  • SHA256

    5d8b09885dcb804b555e4b50c5a0887c708dde4a9722f9041945c1864c89c80a

  • SHA512

    e70126a92befc423764104e0dd0d9e7e29342dff6b25aa0ade5af6af414dca10d2c302cbe5f612e4c071cbde5c587bfdf8f50a1ea7f7388512fbf06eba0deae8

  • SSDEEP

    384:FATve9XrypWTRhGjXwYuUciA6Cr1hHOj7WSd35sqdYkaa1FwSSgafY:FnV/GjPuziA9rfuXWSd5Nek4Y

Malware Config

Extracted

Family

metasploit

Version

encoder/fnstenv_mov

Targets

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Drops file in Drivers directory

    • Suspicious use of SetThreadContext
