General

  • Target

    702d3be877923dc28fdce8931775b7ae

  • Size

    30KB

  • Sample

    240123-wcla8adgfj

  • MD5

    702d3be877923dc28fdce8931775b7ae

  • SHA1

    8223a86a9feb77aded9834f4959b020f0ee43823

  • SHA256

    86317e3059cfe0c1252d9d7ddfa6999ccba1aebab0a6c3e81d28fe7edd9986f7

  • SHA512

    92ec7bd649d7609c8aa671697cbd467e108a0db84cbf2730b1094cf9e307fd53e304a3e8d849f48b176f426991455eef144946cf803ccfee170ed46fe698f68d

  • SSDEEP

    768:Sjv514oCbIEtRcs3D0KWdebSEmDd67JZQN0HjDz72AFiY:svUoCMEtR3D0ES7hOZQN0Hz7FFD

Malware Config

Extracted

Family

metasploit

Version

encoder/fnstenv_mov

Targets

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext
