General
Target: 70b01d8214ac8072450dc3ae35781095
Size: 512KB
Sample: 240123-13sv7sbaer
MD5: 70b01d8214ac8072450dc3ae35781095
SHA1: 821cbf7dc8e00b29d2105b945515e7f543f59c91
SHA256: 4fee0b5d7339bc9c76a1822054c4232bac7de07acfd59a1aed90fbfc07bc313d
SHA512: af1705c746f80e09bcc146419966dd57b2e4ec301b2523cae5a5b9a6c9d348ed5f89ef4a4be21de64021bbe17071feb07153e38c7852e0cff41b3f8288c14b98
SSDEEP: 12288:EnulnLFMImjjyP5fds3Z1AHuSMpVK6FZTR5BjmsdTCANoXD:vBFuIy3Za3Mps4r3dTCKoXD
Behavioral task: behavioral1
Sample: 70b01d8214ac8072450dc3ae35781095.exe
Resource: win7-20231215-en

Malware Config
Extracted: metasploit
encoder/call4_dword_xor
Targets
Target: 70b01d8214ac8072450dc3ae35781095 (size 512KB; MD5, SHA1, SHA256, SHA512 and SSDEEP identical to the General section above)
Score: 10/10
- MetaSploit: Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
- Executes dropped EXE
- Identifies Wine through registry keys: Wine is a compatibility layer capable of running Windows applications, which can be used as a sandboxing environment.
- Loads dropped DLL
- Drops file in System32 directory