General
Target: shell.exe
Size: 7KB
Sample: 240429-315s4aeg4t
MD5: 792638f04fab15fdfdd40d90de3f543a
SHA1: cf452a13f7b29ba2b6649540571cd3372817f4f4
SHA256: 2ca47f7ab7e0b4da1fa3fe7ea4b4cedf431c212df06e68a85d0de372fb20e867
SHA512: 5b9b28e5a3764af754e97a4fb6836bd3062121b5edee10900687fb5d069dde1798caf36920d179092e9731b193a097a30f6459da32507a49bf4d90a21997b8cf
SSDEEP: 24:eFGStrJ9u0/6gSnZdkBQAVK86WYiKZqM2eNDMSCvOXpmB:is0tqkBQv8iiu2SD9C2kB
Behavioral task: behavioral1
Sample: shell.exe
Resource: win10-20240404-en
Malware Config
Extracted
metasploit
metasploit_stager
192.168.88.128:8080
Targets
Target
shell.exe
Score: 10/10

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

Modifies Installed Components in the registry

Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.