General
Target: met.ps1
Size: 243B
Sample: 240123-p2djcaaddq
MD5: d619504e1401d57ccdbbafc98e203b12
SHA1: a4b103bddb7f874f5337922c9f5750e188b8164d
SHA256: 5de9e52d170a6c62c8ea81dc8347ef8d12f2141691aa73cb6a5e8e2b9624c761
SHA512: ee9c28fbc8b0cb969edd0b84f6f302ba542eddcaef37eaacf3f0fd28299fa8a7aa0b7ac54d16c3fb653e661f8c5e244e90aab4bee4916056cef5e2d985cd4026
Static task: static1
Behavioral task: behavioral1
Sample: met.ps1
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: met.ps1
Resource: win10v2004-20231215-en
Malware Config
Extracted
http://165.22.23.200:8000/met.dll
Extracted
metasploit
metasploit_stager
165.22.23.200:65443
Targets
Target: met.ps1
Score: 10/10
MetaSploit: Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Blocklisted process makes network request
Downloads MZ/PE file