General
- Target: 6c62e1c5e139124e75053b118c2cf26a
- Size: 96KB
- Sample: 240121-fd5s9aegen
- MD5: 6c62e1c5e139124e75053b118c2cf26a
- SHA1: ff1c6fbe7e9bb27e5f767e06f9ff6422476c4d89
- SHA256: 2e83c50921a3dd24722fc6199cb07b3a437224301156a559d686126441a3514c
- SHA512: d5a7191c110a6aa9fd229334332c67cbbc758a4a7ab02c43dbfc9161731c766b68af093da7ccec34a561b8f1bf557b1e74aa1423a268cd0c9f2120de4260d15d
- SSDEEP: 1536:hEVZ6ZqyTYPxulloISgZyyKiTGojvDBN4SUMtrOI5VgZWv4lGLgBHcuaVRgrbl:ObyUwHVzZkeGojvLv7MI5Vgi482HcuWg
Static task
- static1

Behavioral task
- behavioral1
  - Sample: 6c62e1c5e139124e75053b118c2cf26a.exe
  - Resource: win7-20231215-en

Behavioral task
- behavioral2
  - Sample: 6c62e1c5e139124e75053b118c2cf26a.exe
  - Resource: win10v2004-20231222-en

Malware Config
- Extracted: metasploit
  - encoder/call4_dword_xor
Targets
- Target: 6c62e1c5e139124e75053b118c2cf26a
  - Size: 96KB
  - MD5: 6c62e1c5e139124e75053b118c2cf26a
  - SHA1: ff1c6fbe7e9bb27e5f767e06f9ff6422476c4d89
  - SHA256: 2e83c50921a3dd24722fc6199cb07b3a437224301156a559d686126441a3514c
  - SHA512: d5a7191c110a6aa9fd229334332c67cbbc758a4a7ab02c43dbfc9161731c766b68af093da7ccec34a561b8f1bf557b1e74aa1423a268cd0c9f2120de4260d15d
  - SSDEEP: 1536:hEVZ6ZqyTYPxulloISgZyyKiTGojvDBN4SUMtrOI5VgZWv4lGLgBHcuaVRgrbl:ObyUwHVzZkeGojvLv7MI5Vgi482HcuWg
  - Score: 10/10
- MetaSploit: Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
- Checks computer location settings: Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Adds Run key to start application
- Suspicious use of SetThreadContext