General

  • Target

    707db6632bee5696ad27dd5334d0e484

  • Size

    248KB

  • Sample

    240123-y95r8shbap

  • MD5

    707db6632bee5696ad27dd5334d0e484

  • SHA1

    9be487a09647330b7cbf0231ef29abbc944b906c

  • SHA256

    889c5f697e5218a6ee07d1d6991460032117e874f166673d2b25aff0ae8e31a0

  • SHA512

    48f2e39153edeacdb1be73f0b6043fba4152881796a62eab73cc837ac7cea28c8c3aab19ab6691e5953be70fd6869665e985402c37148fa818fb0de683c689f2

  • SSDEEP

    6144:i8FWrUrb1ESVtkUfgEZx7IphnqocAivpmU0vYd:UUrb1ESVtTfHbsqnbvpx0vYd

Malware Config

Extracted

  • Family

    metasploit

  • Version

    encoder/fnstenv_mov

Targets

    • Target

      707db6632bee5696ad27dd5334d0e484

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
