General
-
Target
setup.hta
-
Size
7KB
-
Sample
240531-ws29nshb25
-
MD5
7159cc75c0c3fa0e08ed40a8d29beeda
-
SHA1
e73631da77790cd6cb32e8a9e7e20706883ee288
-
SHA256
6101bca566955a1ff83fe145187fd0665dcc6f362364256c1f4b4842f3ad0f20
-
SHA512
e77de02b37a1df0e32bb01e8922f47db4bad8701d3a51ed24806e0e9f643a3af2a1626ed19913484037b36664de5d704e88c074093f08332e660ccc1208d244f
-
SSDEEP
192:mln2jh1hqT2g/yy0ue0Q3/Q7D1fcxSEB1ZT9XXrVeIfMlF8pTAld:gn2jh1hsDts08/QtoSErZRXXciMlvld
Static task
static1
Behavioral task
behavioral1
Sample
setup.hta
Resource
win10v2004-20240508-en
Malware Config
Extracted
metasploit
windows/reverse_tcp
192.168.1.139:4444
Targets
-
Target
setup.hta
-
Score
10/10
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-