General
-
Target
77c9992fc041f54cd629d46ac91d3c5e8d889cdfcb89cc60be31bc710c045b50
-
Size
1.8MB
-
Sample
240417-yjy7rsce43
-
MD5
774b60a0622c2296aeb181ee26421c20
-
SHA1
5b744cf350993d77145c7d7a69c689b045b34426
-
SHA256
77c9992fc041f54cd629d46ac91d3c5e8d889cdfcb89cc60be31bc710c045b50
-
SHA512
7b5b4089042073ebe7e5c97e70c17a6b5b6b7e8d842ab4f01f9a075586f585ab102186a9a244ea040ea22bcdea9ec99df8a78dd1c797d2dde033a41b7dcfee29
-
SSDEEP
24576:/3vLRdVhZBK8NogWYO09gOGi9J3YiWdCMJ5QxmjwC/hR:/3d5ZQ1MxJIiW0MbQxA
Static task
static1
Behavioral task
behavioral1
Sample
77c9992fc041f54cd629d46ac91d3c5e8d889cdfcb89cc60be31bc710c045b50.exe
Resource
win7-20240221-en
Malware Config
Extracted
metasploit
windows/shell_reverse_tcp
1.15.12.73:4567
Targets
-
-
Target
77c9992fc041f54cd629d46ac91d3c5e8d889cdfcb89cc60be31bc710c045b50
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Drops file in Drivers directory
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-