General
Target: crmupgradev2022.exe
Size: 72KB
Sample: 240418-lpkv4saf8w
MD5: 671ca4550138d612ac4bae529ffcca72
SHA1: 51f9a25981c4c3d22bcc15828a53e2c90c7f2faf
SHA256: 43e53d07a493457a556e4fb86b128199f118790de0e3d3db25af7de14eb4bcff
SHA512: ce6c23c71b9423778ab8f7add9d0f1c8350d782b244690929cbb0d149f924cc15334b89c9c4ddb356f69757cbfe208b4e2821d104df0ec708ff8dc8236281a38
SSDEEP: 1536:IpTtl9o8EUGG1QQr5y8Xn7BnUs+RAMb+KR0Nc8QsJq39:QxlXEUX1QQVBUsRe0Nc8QsC9
Behavioral task: behavioral1
Sample: crmupgradev2022.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: crmupgradev2022.exe
Resource: win10v2004-20240412-en
Malware Config
Extracted
metasploit
encoder/shikata_ga_nai
Extracted
metasploit
windows/reverse_tcp
3.84.34.113:443
Targets
Target: crmupgradev2022.exe
Score: 10/10
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.