General
-
Target
d08608f55166b09ee456ae41b91c4a7c61c97e93bc6b73459abf2af1ba7c65b6
-
Size
89KB
-
Sample
240520-jlh61aah8y
-
MD5
9cfe249d2fdb722a8f31391c6b40df40
-
SHA1
52bde90ca7ff5a70e29b7fcc2bb69827ce024b16
-
SHA256
d08608f55166b09ee456ae41b91c4a7c61c97e93bc6b73459abf2af1ba7c65b6
-
SHA512
5e03b1514d1a8ad835c70a251bc44b91287ef0c222d77d5e015757bbc741588fc17a65f0cee48ffe3fe63fc39adec959bbf0a54d5e26908712a9b39c79f32fb3
-
SSDEEP
768:KG03gLqYrwYMRXDh+peBqr0WCTmHVxOBfPpTMJHJlyl68K:k3gLyYMRDh+peBk0WCTOxOBnpelyl6n
Behavioral task
behavioral1
Sample
d08608f55166b09ee456ae41b91c4a7c61c97e93bc6b73459abf2af1ba7c65b6.doc
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
d08608f55166b09ee456ae41b91c4a7c61c97e93bc6b73459abf2af1ba7c65b6.doc
Resource
win10v2004-20240508-en
Malware Config
Extracted
metasploit
windows/download_exec
http://192.168.78.133:44444fengling
- headers User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; BOIE9;NLNL)
Targets
Target
d08608f55166b09ee456ae41b91c4a7c61c97e93bc6b73459abf2af1ba7c65b6
Score
10/10
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-