General
Target
a.bat
Size
7KB
Sample
240522-yfnlvseb79
MD5
f3df25231a46629a2bf284b163c214f4
SHA1
11b6996ef719e34e70e008e51e51df238573ddb8
SHA256
fbb44c5cc51bc4660c5ba48b12bcaef9b7b7c1296498e6b17fe8c0c12f60855f
SHA512
bfa174b72a6454f163c9bc72da135f48c0ec8c741ba57017f8782bc63843f7f290f61e607d65afee297a3a7504138a26d8ef7ef91eeaa432369a3346257647bd
SSDEEP
192:/MHXvXhjyhhWSn6wF4XyBa95dXfaYOTPJ:/cXhjyhkSrF4XyBa95hBWPJ
Static task
static1
Behavioral task
behavioral1
Sample
a.bat
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
a.bat
Resource
win10v2004-20240508-en
Malware Config
Extracted
metasploit
windows/reverse_tcp
45.63.99.50:4444
Targets
Target
a.bat
Score
10/10
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Blocklisted process makes network request