General
Target: 8b6f0355d65dc93206c440c2a64a3fb9cd6dc798848014529c8bbc872bfb0e02
Size: 864KB
Sample: 240417-3z4jmsad66
MD5: 209184893f466ae457d305a7911a4971
SHA1: ff6af8eb2059c8ec8d73c9217c250d61ad885421
SHA256: 8b6f0355d65dc93206c440c2a64a3fb9cd6dc798848014529c8bbc872bfb0e02
SHA512: e31fea944e88fad882f6ce435d0bb5d19c7e4ab67459e6ce23a6a8b43bb13f3205718083717ee8f159c40d647d923e935dbdeab5c7eecd0b2c8c5c3addaa4b20
SSDEEP: 24576:G0CjcmSD6dzmPUAQ5YuE8fqG3wE/AsNNvrVl++3:BSdyPM5YOfqG3p/AmTF3
Static task: static1
Behavioral task: behavioral1
Sample: 8b6f0355d65dc93206c440c2a64a3fb9cd6dc798848014529c8bbc872bfb0e02.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 8b6f0355d65dc93206c440c2a64a3fb9cd6dc798848014529c8bbc872bfb0e02.exe
Resource: win10v2004-20240412-en
Malware Config
Extracted
metasploit
windows/reverse_tcp
192.168.124.46:8060
Targets
Target
8b6f0355d65dc93206c440c2a64a3fb9cd6dc798848014529c8bbc872bfb0e02
Score: 10/10
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Suspicious use of NtSetInformationThreadHideFromDebugger