General
-
Target
Browsers.txt.lnk
-
Size
1.1MB
-
Sample
240606-th496shd38
-
MD5
f633c0331190af42493e0bd861853bbe
-
SHA1
e51a46951bb42d8ea12e6d86c075d30c9b95b160
-
SHA256
273a75ba90251e317ed6291e6d4e31f80ce006e81bdc6582a4988078dc5610ef
-
SHA512
35a59bd65dfb15f7412904cc41f1d2eae39e5d15ce9963ff9251584d9b642060dcdf6c3b74f9ba358922d2a0b0baa04887697f4ed8e48bfeb7b2fe98e9861cc9
-
SSDEEP
24576:BqdCjhtTdvhtTdvhtTdvhtTdvhtTdvhr8k:7htTdvhtTdvhtTdvhtTdvhtTdvhQk
Static task
static1
Behavioral task
behavioral1
Sample
Browsers.txt.lnk
Resource
win10v2004-20240226-en
Behavioral task
behavioral2
Sample
Browsers.txt.lnk
Resource
win11-20240426-en
Malware Config
Extracted
metasploit
encoder/shikata_ga_nai
Extracted
metasploit
windows/reverse_tcp
104.248.194.233:443
Targets
-
-
Target
Browsers.txt.lnk
-
Size
1.1MB
-
MD5
f633c0331190af42493e0bd861853bbe
-
SHA1
e51a46951bb42d8ea12e6d86c075d30c9b95b160
-
SHA256
273a75ba90251e317ed6291e6d4e31f80ce006e81bdc6582a4988078dc5610ef
-
SHA512
35a59bd65dfb15f7412904cc41f1d2eae39e5d15ce9963ff9251584d9b642060dcdf6c3b74f9ba358922d2a0b0baa04887697f4ed8e48bfeb7b2fe98e9861cc9
-
SSDEEP
24576:BqdCjhtTdvhtTdvhtTdvhtTdvhtTdvhr8k:7htTdvhtTdvhtTdvhtTdvhtTdvhQk
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-