General
-
Target
70c7860b65f1f5119858ce4f39b28e09
-
Size
221KB
-
Sample
240123-2xb6yabhhp
-
MD5
70c7860b65f1f5119858ce4f39b28e09
-
SHA1
7bf42148ddc7dc42c45f7e751c222f5f4ef1ce76
-
SHA256
3d49c9eb5eb0e037bdd3de8a274c14db30a8b95924ff63853ed9e06ab9eaf2ef
-
SHA512
d2ddce1a474fe26e285a2f239d0eb6b322c84092e1918805fe7422edbe73d65b427ebe84f5a2d9a2130759b0ac05c9f5cfcc629eb62e44aa3f4d2ab82c9dd973
-
SSDEEP
6144:gVDw2XDUtI6h0hGARrVlHy03MEMnODW1AbLxWKX68MSk1WWW:gFVAtu/rx5BDW1yLxZk1WWW
Static task
static1
Behavioral task
behavioral1
Sample
70c7860b65f1f5119858ce4f39b28e09.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
70c7860b65f1f5119858ce4f39b28e09.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
metasploit
encoder/fnstenv_mov
Targets
-
-
Target
70c7860b65f1f5119858ce4f39b28e09
-
Size
221KB
-
MD5
70c7860b65f1f5119858ce4f39b28e09
-
SHA1
7bf42148ddc7dc42c45f7e751c222f5f4ef1ce76
-
SHA256
3d49c9eb5eb0e037bdd3de8a274c14db30a8b95924ff63853ed9e06ab9eaf2ef
-
SHA512
d2ddce1a474fe26e285a2f239d0eb6b322c84092e1918805fe7422edbe73d65b427ebe84f5a2d9a2130759b0ac05c9f5cfcc629eb62e44aa3f4d2ab82c9dd973
-
SSDEEP
6144:gVDw2XDUtI6h0hGARrVlHy03MEMnODW1AbLxWKX68MSk1WWW:gFVAtu/rx5BDW1yLxZk1WWW
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
Suspicious use of NtSetInformationThreadHideFromDebugger
-