General

  • Target

    62a0a116bf6d52b1230e547337604bf9

  • Size

    32KB

  • Sample

    240117-pq47xsfafk

  • MD5

    62a0a116bf6d52b1230e547337604bf9

  • SHA1

    980c5833c2a06cf6a0481eabe9eb728e22c7e942

  • SHA256

    e96ee36ef37f8812ec980e7957864d6e1c54ff3362a39b810effbf6c6e5e6693

  • SHA512

    18766b0e60da8ecee3ae408808c3960d3b2cdeeb0bef61d870295e8206a2f5f7170a03e012fd143b9c13e7b5fae2743bbb5a8c456924607aa5cd0d396a9989c8

  • SSDEEP

    768:P5oQQCmE8Y7rOc1YiXT+viYwP/OkhrdRqdxbVXnAXVpnplY:hojCrV7C6YiXivnwDRE353g/pi

Malware Config

Extracted

Family

metasploit

Version

encoder/fnstenv_mov

Targets

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Drops file in Drivers directory

    • Suspicious use of SetThreadContext
