General
Target: Счёт на оплату.docm
Size: 33KB
Sample: 240619-lt5fbasfnn
MD5: 83854fb53aef0d0597df194487f22e64
SHA1: 40a25f83d4f46b2dc146c58bc79a32b0a3ad34e0
SHA256: 3e7e321ca46b1337d69b9d39ad4dc1b268abb33c9331c06ad07fbb93f29fab89
SHA512: 3f52dee4c9e3220691fdffb563b0cd1a57843d856592897ae101b3470287504a5931dfc6cb76fad7b8e346cbe3c04fb855fa64f358f5fa181cd97c343ef98197
SSDEEP: 768:KHcGwQsffnH7G5lN3XJkuin4n56mmuZP3t:K8GwQUH7oFmO6mmqt
Behavioral task: behavioral1
Sample: Счёт на оплату.docm
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: Счёт на оплату.docm
Resource: win10v2004-20240508-en
Malware Config
Extracted
metasploit
windows/reverse_http
http://8.8.8.8:5555/zSE9R66S0rraBdsEuVDCbAcHm4d4HwfrCxUPZVx9puos4rwEtJYcq6pkDktx6eSFYy7kU5oq35RNY-dTUHVT8PkQK697FEhhVal855uLYDsu7kkGa5HPh-A_RSCMYlNagTI5RlAPwzzT3itpLVl0bgaf6gwEd8aYdSKGaoH77_3vcEsKMQlq6uuEh7qF8nE
Targets
Target: Счёт на оплату.docm
Score: 10/10
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Process spawned suspicious child process
This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.