General
Target: 03f9fd2ed89de09d2dbed8de06f8fe76.bin
Size: 457KB
Sample: 240624-cjnkdaybjj
MD5: 03f9fd2ed89de09d2dbed8de06f8fe76
SHA1: 4abfa12b785713bcb8a8d07175114dc903196fc3
SHA256: ddb66647189270d6046b6c95e30900f83ffe9911e77a918dd50a6f09879d1624
SHA512: f11a7029308abaa10f5b5cda1c04997f24d3e275b101533a15aa74645b05ed102f448002bfdeb2df86ca6651ab707eaa20fa1e1835851dc18754b2fdeb9ff1d3
SSDEEP: 6144:x9JLFprEWDl7s5t38dX6pKE4dU7kpoTcnFOHuln+Otc+EkzI8jSejCE8aKP3sGvt:x99gbP/GFK9ACwdag/2OuV8IRCg
Static task: static1
Behavioral task: behavioral1
Sample: 03f9fd2ed89de09d2dbed8de06f8fe76.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 03f9fd2ed89de09d2dbed8de06f8fe76.exe
Resource: win10v2004-20240611-en
Malware Config
Extracted
metasploit
encoder/shikata_ga_nai
Extracted
metasploit
windows/reverse_tcp_dns
testme.com:80
Targets
Target: 03f9fd2ed89de09d2dbed8de06f8fe76.bin
Score: 10/10
MetaSploit: Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Blocklisted process makes network request
Checks computer location settings: Looks up country code configured in the registry, likely geofence.