General
-
Target
b6b51a3883d3e421106570108db1acba
-
Size
92KB
-
Sample
240306-gyd2psea57
-
MD5
b6b51a3883d3e421106570108db1acba
-
SHA1
e348f3cbb0c986281895a1dbdb68195d8874a5e8
-
SHA256
a5ed97dc3f462985a2c1f4c65f23aae26ee37ec6b928fb39f80161294b9c9fae
-
SHA512
00c10c28596ce378619984ea07b179f29f5c51f115878fc71fdddec22d814ae4277fd37b6c45a017bf47221555dc6ba21c752331257030adfc5e403e64812ab5
-
SSDEEP
1536:GyBNFOTmMLRAgtawxoXwxtw419YW2gj4oGOlTNo:BYT5aCXxog//YWJ4o7TNo
Behavioral task
behavioral1
Sample
b6b51a3883d3e421106570108db1acba.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
b6b51a3883d3e421106570108db1acba.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
metasploit
encoder/fnstenv_mov
Targets
Score
10/10
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Sets file execution options in registry
-
Drops file in System32 directory
-