General
Target: msf.docm
Size: 83KB
Sample: 240529-t7fm4scd47
MD5: 6558cb69cf3b4ba49cc06acaca4a3996
SHA1: 56fd3725c3e4f861b44592aef72ba092fb29d1ef
SHA256: ec0eed4ad4574f598e07bf97229b582da4caf70012b14632807c5efc4cfc35b4
SHA512: 56a2271b522d21b099fbc930ab6be5813f561f446582d978c978b0bc398e9c9c491f0195fc76ab3a8a8997b1ad0ab1dc3df2c1e55b81933f38fd7d5e49a23934
SSDEEP: 1536:45+WqQuctgd6mdz/tlNc6gBWWKEENbcSh6B0lGZYeG1KOOJjcDVWRyx6a5QiaOXC:S+X8YdTZ24WK9NweIG1tOJjcpWRyx6a4
Static task: static1
Behavioral task: behavioral1
Sample: msf.docm
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: msf.docm
Resource: win10v2004-20240426-en
Malware Config
Extracted
metasploit
windows/reverse_tcp
142.93.113.93:4444
Targets
Target: msf.docm
Score: 10/10
MetaSploit: Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Executes dropped EXE
Loads dropped DLL