General
-
Target
actualizarsucvirtual.exe
-
Size
72KB
-
Sample
240418-lpfw6aaf7t
-
MD5
e4f9ef3eaf502f20055a97d77791df01
-
SHA1
39e8b29fe500ec0df4eb4abc0ecec9dcbc95917a
-
SHA256
6e8d31b7fe9aa035daf5e3cac660c383a9201e763f65581cabc2655426ca4e54
-
SHA512
49b500796ae9ac2bac2496f5452000a74895eb707272ab83049b7f5bd40597f7b37722b4b57961f4429b48c056dc045bf623f14a6b641bdf828b92bc183e4ae5
-
SSDEEP
1536:IOl/bG84MmP59t9dzHLDrKMb+KR0Nc8QsJq39:x8jHffKe0Nc8QsC9
Behavioral task
behavioral1
Sample
actualizarsucvirtual.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
actualizarsucvirtual.exe
Resource
win10v2004-20240412-en
Malware Config
Extracted
metasploit
encoder/shikata_ga_nai
Extracted
metasploit
windows/reverse_tcp
54.173.0.241:53
Targets
-
-
Target
actualizarsucvirtual.exe
-
Size
72KB
-
MD5
e4f9ef3eaf502f20055a97d77791df01
-
SHA1
39e8b29fe500ec0df4eb4abc0ecec9dcbc95917a
-
SHA256
6e8d31b7fe9aa035daf5e3cac660c383a9201e763f65581cabc2655426ca4e54
-
SHA512
49b500796ae9ac2bac2496f5452000a74895eb707272ab83049b7f5bd40597f7b37722b4b57961f4429b48c056dc045bf623f14a6b641bdf828b92bc183e4ae5
-
SSDEEP
1536:IOl/bG84MmP59t9dzHLDrKMb+KR0Nc8QsJq39:x8jHffKe0Nc8QsC9
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-