General
Target: hello.bat
Size: 7KB
Sample: 240430-3sr72aag8z
MD5: 2f13ee536d6ec5d8fbce76cf1bc40e92
SHA1: 6fceee95abbc687a849cd24bd6614b5a67090acd
SHA256: 924f3a216a642893777d5836fbe5042ad349a21376282e685900a4756ef7694b
SHA512: 568e028eba41ae6c5b439897dfb5afbb14476b5b6fc88fb797446037bb83a81c547a788500a6b884d912af6b7dbd073cd480e560c9d07f46b0991c903d786e89
SSDEEP: 192:XL5qvXhjyhwvWAUS+QDTE7uTbh3MiSyn0sX:XLcXhjyhGP+QDwaPh8iSpo
Static task
static1
Behavioral task
behavioral1
Sample
hello.bat
Resource
win10-20240404-en
Malware Config
Extracted
metasploit
encoder/shikata_ga_nai
Extracted
metasploit
windows/reverse_tcp
192.168.88.128:1212
Targets
Target: hello.bat
Score: 10/10
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Legitimate hosting services abused for malware hosting/C2