General
-
Target
sample-20240221.exe
-
Size
141KB
-
Sample
240331-vw8p7agc94
-
MD5
948fe924100ae457c1b1b9095a7fca6b
-
SHA1
67a664311ed0c4b5f1daf68c9d898909e77274c7
-
SHA256
81b281cb9dbf824635fb99b59977d3114cccd014db605d2f3f693383ed6b4ef3
-
SHA512
a5c0edda2d2226cd2439195c31a0c83fe46dcfa0a2f93ad0861ae96247cdc9a324030dfd34a0034e5e460ebedea382c76adf8820c6b71edc8a398bf32c094ee1
-
SSDEEP
3072:aCH7vIoTjjzwItUJXVLkJRqCpWf/xaIloI8pH1bui5N8:Rk2UJXiRvpGOpj5N8
Behavioral task
behavioral1
Sample
sample-20240221.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
sample-20240221.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
metasploit
windows/shell_bind_tcp
Targets
-
-
Target
sample-20240221.exe
-
Size
141KB
-
MD5
948fe924100ae457c1b1b9095a7fca6b
-
SHA1
67a664311ed0c4b5f1daf68c9d898909e77274c7
-
SHA256
81b281cb9dbf824635fb99b59977d3114cccd014db605d2f3f693383ed6b4ef3
-
SHA512
a5c0edda2d2226cd2439195c31a0c83fe46dcfa0a2f93ad0861ae96247cdc9a324030dfd34a0034e5e460ebedea382c76adf8820c6b71edc8a398bf32c094ee1
-
SSDEEP
3072:aCH7vIoTjjzwItUJXVLkJRqCpWf/xaIloI8pH1bui5N8:Rk2UJXiRvpGOpj5N8
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Adds Run key to start application
-