Resubmissions
04-05-2024 20:20
240504-y4na1aab9v 10General
-
Target
http://google.com
-
Sample
240504-y4na1aab9v
Static task
static1
URLScan task
urlscan1
Behavioral task
behavioral1
Sample
http://google.com
Resource
win10v2004-20240226-en
windows10-2004-x64
16 signatures
1800 seconds
Malware Config
Extracted
Family
metasploit
Version
windows/single_exec
Targets
-
-
Target
http://google.com
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Legitimate hosting services abused for malware hosting/C2
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-