General
-
Target
c54842c3c7f23d74f80240f8fd318286
-
Size
58KB
-
Sample
240313-hycpbahc73
-
MD5
c54842c3c7f23d74f80240f8fd318286
-
SHA1
d3b9e956c4a631249491991787fc8879b50403d9
-
SHA256
ba11e5f7109fae8b6b35090fb6c8bc3d939b79813b00ba79faffcce24947bd16
-
SHA512
68a8cfa6f45c6b6524cf912f0bcbb5d69a63b1c2fd2ecdfb58664a4368a352f61f99a19670adbe966e7d848734aeb0c518f7f5dc8cbe5b190fb6197a0699052c
-
SSDEEP
768:W5faTn5L7W1CJYlDo6yOdCYfkFYDG4rcor4JD7V0OVIMihRMp:W5faTt6llpCYcoQorwD7V0OLih
Static task
static1
Behavioral task
behavioral1
Sample
c54842c3c7f23d74f80240f8fd318286.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
c54842c3c7f23d74f80240f8fd318286.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
-
-
Target
c54842c3c7f23d74f80240f8fd318286
Score
10/10
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Adds policy Run key to start application
-
Executes dropped EXE
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-