General
Target: 389d5fd483539040c28707e4e4ccaa3eb775fb8e6946453d3ef284eed1d9b6af
Size: 36KB
Sample: 240624-zy9gqavhqp
MD5: b68384bd75e1b2e9de6cebe6967c5bee
SHA1: ef14c2262e2366f425458f6a4a8a962451d50d08
SHA256: 389d5fd483539040c28707e4e4ccaa3eb775fb8e6946453d3ef284eed1d9b6af
SHA512: a407c4528f4411d2039cc86415b3d8fabeb869cb33ad51d75eb44c8a80fe06e870d96bdc575eec7f9ecdb1b73387ce4624ca28e4e7d267ab797504fef33768fb
SSDEEP: 384:dyiSwvxjk+tiPTj6Otg0jk+pdyA5tJ/hO:d1xw+tc6OSJ+pdvO
Behavioral task: behavioral1
Sample: 389d5fd483539040c28707e4e4ccaa3eb775fb8e6946453d3ef284eed1d9b6af.doc
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 389d5fd483539040c28707e4e4ccaa3eb775fb8e6946453d3ef284eed1d9b6af.doc
Resource: win10v2004-20240508-en
Malware Config
Extracted
metasploit
windows/reverse_http
http://10.10.100.200:443/EWNfntgCmECZ95j2_44oPQ2vFynBHYdyB-PLWzv7E_5jD_XEOsqp0Rbj-fJ-o4YMmRxvupOMOvXUgw0Sj
Targets
Target
389d5fd483539040c28707e4e4ccaa3eb775fb8e6946453d3ef284eed1d9b6af
Score: 10/10
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Process spawned suspicious child process
This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.