General
-
Target
Payroll.7z
-
Size
17KB
-
Sample
240520-naqtxsgg96
-
MD5
bf484b88277a45def40d36fb25e3933b
-
SHA1
63855d8c7dcfda85394d15067e1ca09582f66c0b
-
SHA256
250d4c0d3c0d4b8da56453ffdcea05f009baf29d13befc9aff858f8deb18a038
-
SHA512
1d6b7015116645de728041f2b434e8e87fa5a15e490aee2b1293fd8d9eae5dbcf5d40dc2be8efb67e7cc00b4fd279fd8dc5eea98215ac6162cb105aeaae6d72e
-
SSDEEP
384:9iwT/alYu5HQe9t9fAS84t1NVC0mKWwGBfQXVqcKHtO4VX+HM:9nT/alYOQGfAp4t1C0mKTZVqcKHtbVyM
Malware Config
Extracted
metasploit
windows/exec
Targets
-
-
Target
dolphin.exe
-
Size
49KB
-
MD5
a8d122b4f018d69a87bfefac354dadec
-
SHA1
ca065d08ed255fb72e3dc3f2ae76ad3d9a436875
-
SHA256
8e0029263ffa6d3b6b2c4c762ce1d2cfd6042501e8e4cddf91aa2020dce15605
-
SHA512
39732c7af6027b4de628c2f6ed6635c720e2a046d5b465759a43934723cd872b577cfb4d3d3d2489ff94d1a49441b14f7fda5500e0e3e7073450f16d1aa82e1c
-
SSDEEP
768:jxEOjnLj98hUO47oKHLAPP3lLuzZPKq+kXKZHlm3o7L:znLWKd7bHkPP3lLuBZ+AKZFm3oP
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Grants admin privileges
Uses net.exe to modify the user's privileges.
-
Adds Run key to start application
-