General
Target: openai.rtf
Size: 768KB
Sample: 240417-pmjf2sgc71
MD5: 2e8a01026b5c298a9b1d2519241f0b16
SHA1: 98b44cc10887c7cb63a769cbd258c45720eb7ef7
SHA256: 0473ee221e38ba27330654ffb3cdd6476ff530881c303cc20d2efdff0c270e61
SHA512: aeaf88341f33a2f130730cd4871abbf9ae48a3932bab7a21d6376c7579bbe8dad7f226694134db5f0b19b2d9a3248c66e9c3f2adc21d432573f9624c4452451b
SSDEEP: 768:5stVBjHeY2xUSc2xoEYGZc+dySGri6CbEYKhqgbEYhhigbEYhh8gbEYuIeY7EH4z:5spHGC
Static task
static1
Behavioral task
behavioral1: openai.rtf on win7-20240215-en
Behavioral task
behavioral2: openai.rtf on win10v2004-20240412-en
Malware Config
Extracted (URL)
https://iplogger.ru/openai.jpg
Extracted (metasploit)
Family: metasploit
Payload: windows/download_exec
URL: http://forensics.jwork.ru:2083/jquery-3.3.1.slim.min.js
Note: windows/download_exec is the Metasploit payload that fetches a file from its configured URL and executes it, so the second URL is a second-stage download location, not a script include; the jquery filename is only a label on the download and says nothing about what the server returns. Both hosts and the full URLs are indicators worth blocking and hunting for in proxy and DNS logs.
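As an added triage example for the indicators above (this is not the sandbox's tooling), the Python script below does the two checks a practitioner runs on a suspected copy of the sample: compare its hashes with the report's, and pull URL indicators out of the file, including URLs carried inside the hex-encoded \objdata streams RTF uses for embedded OLE objects, which a plain string search misses. The hashes and URLs are copied from the report; the RTF produced by build_demo_rtf() is constructed for the demo, so its hashes deliberately do not match.

```python
"""Offline triage helper for the indicators in this report (added example)."""
import hashlib
import re

# Indicators copied from the report.
REPORT_HASHES = {
    "md5": "2e8a01026b5c298a9b1d2519241f0b16",
    "sha1": "98b44cc10887c7cb63a769cbd258c45720eb7ef7",
    "sha256": "0473ee221e38ba27330654ffb3cdd6476ff530881c303cc20d2efdff0c270e61",
}
REPORT_URLS = {
    "https://iplogger.ru/openai.jpg",
    "http://forensics.jwork.ru:2083/jquery-3.3.1.slim.min.js",
}

# Eight or more hex byte pairs, optionally whitespace-separated, as in \objdata.
HEX_RUN = re.compile(rb"(?:[0-9A-Fa-f]{2}\s*){8,}")
URL_RE = re.compile(rb"https?://[A-Za-z0-9._~:/?#\[\]@!$&'()*+,;=%-]+")


def hash_bytes(data: bytes) -> dict:
    """Return md5/sha1/sha256/sha512 hex digests of the given file contents."""
    return {name: hashlib.new(name, data).hexdigest()
            for name in ("md5", "sha1", "sha256", "sha512")}


def matches_report_hashes(data: bytes) -> bool:
    """True only if every hash listed in REPORT_HASHES matches the data."""
    digests = hash_bytes(data)
    return all(digests[name] == value for name, value in REPORT_HASHES.items())


def decode_hex_runs(data: bytes) -> list:
    """Decode every long hex run in the file (RTF \\objdata / \\pict payloads).
    The regex only matches whole byte pairs, so the cleaned run is always even."""
    blobs = []
    for match in HEX_RUN.finditer(data):
        cleaned = re.sub(rb"\s+", b"", match.group(0))
        blobs.append(bytes.fromhex(cleaned.decode("ascii")))
    return blobs


def extract_urls(data: bytes) -> set:
    """URLs visible in the raw bytes plus those inside decoded hex streams."""
    found = set(URL_RE.findall(data))
    for blob in decode_hex_runs(data):
        found.update(URL_RE.findall(blob))
    return {url.decode("latin-1") for url in found}


def matched_report_urls(data: bytes) -> set:
    """Which of the report's URLs appear in the file."""
    return extract_urls(data) & REPORT_URLS


def build_demo_rtf() -> bytes:
    """Constructed stand-in for a malicious RTF (not the real sample): one remote
    picture field and one embedded object whose hex-encoded data carries a URL."""
    ole_blob = (b"\x01\x05\x00\x00" + b"\x00" * 12
                + b"http://forensics.jwork.ru:2083/jquery-3.3.1.slim.min.js" + b"\x00" * 4)
    return (b"{\\rtf1\\ansi"
            b"{\\field{\\*\\fldinst INCLUDEPICTURE \"https://iplogger.ru/openai.jpg\" \\\\d}}"
            b"{\\object\\objemb{\\*\\objdata " + ole_blob.hex().encode("ascii") + b"}}"
            b"\\par}")


if __name__ == "__main__":
    sample = build_demo_rtf()
    print("hashes match report:", matches_report_hashes(sample))  # False: constructed file
    print("report URLs found:  ", sorted(matched_report_urls(sample)))
```

To run it against a real copy, read the file's bytes in place of build_demo_rtf(). Compare hashes on the exact bytes that were submitted to the sandbox (a stray trailing newline changes every digest); the SSDEEP value needs the ssdeep library and is not computed here.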
Targets
Target: openai.rtf (768KB; MD5, SHA1, SHA256, SHA512 and SSDEEP as listed under General)
Score: 10/10
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Blocklisted process makes network request
Drops file in System32 directory