General
-
Target
2ba8877ca1e98625dcb4f6f6f99aa2225b0b77a9b3d507edffb39bb5ea75bb77
-
Size
546KB
-
Sample
240517-qygx2aag2y
-
MD5
6909f906af0bcae804363346e964a1d5
-
SHA1
ddad7cb8bd5b7727884772d53a40dead686b4413
-
SHA256
2ba8877ca1e98625dcb4f6f6f99aa2225b0b77a9b3d507edffb39bb5ea75bb77
-
SHA512
59e4e4800e3e738f9edb984ee7c70d7c861aabfb166c68621fca782c1acb665df37283748281f5abebd6bf7c95c3b2b2b454923a7f6a10b1aaf79edd3a7965c4
-
SSDEEP
3072:HkyR33czQJPY3DgFXAcdOrVICIyL773T0bmIJxmbirBCsrAUd1qZQxS:Hk2czQ5Y3Dqwcd2YIPDIJxU2RPqZH
Behavioral task
behavioral1
Sample
2ba8877ca1e98625dcb4f6f6f99aa2225b0b77a9b3d507edffb39bb5ea75bb77.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2ba8877ca1e98625dcb4f6f6f99aa2225b0b77a9b3d507edffb39bb5ea75bb77.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
metasploit
encoder/shikata_ga_nai
Extracted
metasploit
windows/reverse_tcp
192.168.1.150:8888
Targets
-
-
Target
2ba8877ca1e98625dcb4f6f6f99aa2225b0b77a9b3d507edffb39bb5ea75bb77
-
Size
546KB
-
MD5
6909f906af0bcae804363346e964a1d5
-
SHA1
ddad7cb8bd5b7727884772d53a40dead686b4413
-
SHA256
2ba8877ca1e98625dcb4f6f6f99aa2225b0b77a9b3d507edffb39bb5ea75bb77
-
SHA512
59e4e4800e3e738f9edb984ee7c70d7c861aabfb166c68621fca782c1acb665df37283748281f5abebd6bf7c95c3b2b2b454923a7f6a10b1aaf79edd3a7965c4
-
SSDEEP
3072:HkyR33czQJPY3DgFXAcdOrVICIyL773T0bmIJxmbirBCsrAUd1qZQxS:Hk2czQ5Y3Dqwcd2YIPDIJxU2RPqZH
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-