General
-
Target
a0c30e75522335709bda99a9aeb26fb37c4456a5fb4a6f0ed7bf0222352ad656.ps1
-
Size
248B
-
Sample
240404-cpzjtsca5s
-
MD5
94c799d8340a615c6d0a834b09ec78de
-
SHA1
c091d4aa55499c5ad499e964b7c82252fda4a5b0
-
SHA256
a0c30e75522335709bda99a9aeb26fb37c4456a5fb4a6f0ed7bf0222352ad656
-
SHA512
a11b5bb5045b4732309e9be2d5d488f265f8b56614c90cf4f04b195d1e51b4c3901b5bac8ae7417dbb490817740987bf36784a2fa3af51f188f6673e9e40f3f6
Static task
static1
Behavioral task
behavioral1
Sample
a0c30e75522335709bda99a9aeb26fb37c4456a5fb4a6f0ed7bf0222352ad656.ps1
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
a0c30e75522335709bda99a9aeb26fb37c4456a5fb4a6f0ed7bf0222352ad656.ps1
Resource
win10v2004-20240226-en
Malware Config
Extracted
http://104.248.6.145:8000/met8443.dll
Extracted
metasploit
metasploit_stager
104.248.6.145:8443
Targets
Target
a0c30e75522335709bda99a9aeb26fb37c4456a5fb4a6f0ed7bf0222352ad656.ps1
Score
10/10
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-