General
Target: evil.pdf
Size: 45KB
Sample: 240517-wtpd7scb85
MD5: c6ca50ccdaf2ef75643219163577757b
SHA1: 7c14123f39d5c137e3d4412c392c962c29fcb7f7
SHA256: d59e9f301dc89d6e45cd695d8274bcaac4ed6b745369c3455c4343fdc61819b4
SHA512: d1c5ec9fa2ffa4f89e9658e0cc9b733f23c9e03252353eac9d7d1ade720af889ee950e1162be9e55c0a19fd678abd095e39e5fb6fe65542f55afd0b9729e24e2
SSDEEP: 768:cd/lECC1jelyqCs2u3jx/Top3CAzf2sNGA3TV3k+zmQpEXtUROwr4XGtLIbuXwkT:c8xoLCBuTqhTzuI3TVnJwwr8buXlZ
Behavioral task: behavioral1
Sample: evil.pdf
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: evil.pdf
Resource: win10v2004-20240426-en
Behavioral task: behavioral3
Sample: template.exe
Resource: win7-20240221-en
Behavioral task: behavioral4
Sample: template.exe
Resource: win10v2004-20240426-en
Malware Config
Extracted
metasploit
windows/reverse_tcp
146.19.191.45:4444
Targets
Target: evil.pdf
Score: 10/10
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Executes dropped EXE
Loads dropped DLL
Target: template.pdf
Size: 72KB
MD5: a0dadf4c06912afefea51d1d856a3eff
SHA1: a0e23b70d0d1e9880c4129f2a7b65133b72f8738
SHA256: 5cfe86dcaed78ccabd079cb809786104314f73d5127c3ed6814bac9b1374fce8
SHA512: 491fd6fe42e2856c9ff59d950cf7330f10e3ec969dcfe4c670e2e75931ecb5049a7c765dea23f4a4db64ea2f7075dd64f43a3b3a257876c72e8553ad433d3af8
SSDEEP: 1536:IEsLiNBAADyEPVwTU9/c2GlVYMb+KR0Nc8QsJq39:CetmBUJGQe0Nc8QsC9
Score: 10/10
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.