General
Target: showcaptcha
Size: 16KB
Sample: 240617-s8hcnavgpb
MD5: 158650041a3eb6475fa82bd28b504540
SHA1: 3fea01d61ebd764153e1b123e6208d201d21e3b3
SHA256: 5934e81a30bd867068c77a66b807996d7fc35c3328e81865fce4190717e79214
SHA512: b1793b9df0cf20b7570e759d20b09d7728e45d4ca465d633eea8857c5727f872f97eefcc9fa920841349ea4f6c043d7703bd6b6a05d74bdade9db108685dd57c
SSDEEP: 384:eEelrgl7QGKbyOWiiNBzgMFO+gQ0kXd28J7utAqRkvRgQaLyCMipH:teJgdQJbrncBznFO+NvXo8ButAqRkvRw
Static task: static1
Behavioral task: behavioral1
Sample: showcaptcha.html
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: showcaptcha.html
Resource: win10v2004-20240226-en
Malware Config
Extracted
metasploit
windows/reverse_http
http://2.tcp.eu.ngrok.io:18319/ocdCDhUNro8RHRAcd21H2A3rLUeQm
Targets
Target: showcaptcha
Score: 10/10
MetaSploit: Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Blocklisted process makes network request
Legitimate hosting services abused for malware hosting/C2