General
-
Target
7073233963ce007e7be62b37de5a9823
-
Size
159KB
-
Sample
240123-yxafkahbd9
-
MD5
7073233963ce007e7be62b37de5a9823
-
SHA1
3ad526d39525c940f7632790764e83285f40536c
-
SHA256
622e4340431d18c7789dff02bdfdcfdc3db0450ba12c6ceaa9c5bca18f0499f2
-
SHA512
ceccaf59906c78dc429919cbacc939cd2a6f450ecd5e532a5ed44989a7bae57348b9fc55d36b9316c95eb4bbe66809a184a06b15dbb0fdeeb7625ec532e34af1
-
SSDEEP
3072:nrcBiVV+MJORyYlEkrKhojWFyj8Ins990tUZqxpqqHrR+ig8mYzo3Sg7:rRVVzJUEkrGojJIIs990tUZaqOK/
Static task
static1
Behavioral task
behavioral1
Sample
7073233963ce007e7be62b37de5a9823.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
7073233963ce007e7be62b37de5a9823.exe
Resource
win10v2004-20231222-en
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
Target
7073233963ce007e7be62b37de5a9823
Score
10/10
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Modifies firewall policy service
-
Modifies security service
-
Looks for VMWare Tools registry key
-
Deletes itself
-
Executes dropped EXE
-
Drops file in System32 directory
-