General
Target
f55dcabe5c7666954e6a626ad7bed40010a3f598d8ef3efcfb68135d29b2767d.exe
Size
927KB
Sample
240705-cefc7szdkq
MD5
2d54d9c5710c8a2d09111644b8c6f76c
SHA1
6071f929619b0046206d783afebaccaae3106ebb
SHA256
f55dcabe5c7666954e6a626ad7bed40010a3f598d8ef3efcfb68135d29b2767d
SHA512
3376eb97317e081e2732c21d6aa2f39315e9f513657ba6626cfb106cd1dbbe88c0959ecac9e63dbaff075960df65d08efc572bf0aec1dec94fba99a571af3572
SSDEEP
12288:PYfGLH8ujLj/c4GQgoiUW+SA0O0mmdh7mNzY/:PYuLHjjLrcGg+W+S9O07m
Static task
static1
Behavioral task
behavioral1
Sample
f55dcabe5c7666954e6a626ad7bed40010a3f598d8ef3efcfb68135d29b2767d.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
f55dcabe5c7666954e6a626ad7bed40010a3f598d8ef3efcfb68135d29b2767d.exe
Resource
win10v2004-20240704-en
Malware Config
Extracted
metasploit
windows/reverse_tcp
89.197.154.116:7810
Targets
Target
f55dcabe5c7666954e6a626ad7bed40010a3f598d8ef3efcfb68135d29b2767d.exe
Score
10/10
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Suspicious use of NtCreateUserProcessOtherParentProcess