General
-
Target
112c7bc3e4c1565bd2c3a1e94de97ded379020655338206a8f0760282bb34b76
-
Size
2.6MB
-
Sample
240918-mfv56awfnr
-
MD5
7c10602aacb99aacec3dfce60452fadc
-
SHA1
75976104c539e62736a7ea697f86582e6884d306
-
SHA256
112c7bc3e4c1565bd2c3a1e94de97ded379020655338206a8f0760282bb34b76
-
SHA512
1da2d169069cfbc21e370d889d4b068cecaf1c5752e22e1459f82cd0de1055907153ff3e05eb4a78b5e10767468c6153b02a42de8dbb26c8b25c3b11ae1ecb84
-
SSDEEP
49152:jZB1G8YMZfyI6jfYdZFSzqDm5qDYho6QADT5zFl5uy55Sl/HgIc9Cg03TGjytsUA:93G6Zfe+bSaCqkR5uy7qHgh1eTGgHA
Malware Config
Extracted
metasploit
metasploit_stager
192.168.106.131:1111
Targets
-
-
Target
112c7bc3e4c1565bd2c3a1e94de97ded379020655338206a8f0760282bb34b76
-
Size
2.6MB
-
MD5
7c10602aacb99aacec3dfce60452fadc
-
SHA1
75976104c539e62736a7ea697f86582e6884d306
-
SHA256
112c7bc3e4c1565bd2c3a1e94de97ded379020655338206a8f0760282bb34b76
-
SHA512
1da2d169069cfbc21e370d889d4b068cecaf1c5752e22e1459f82cd0de1055907153ff3e05eb4a78b5e10767468c6153b02a42de8dbb26c8b25c3b11ae1ecb84
-
SSDEEP
49152:jZB1G8YMZfyI6jfYdZFSzqDm5qDYho6QADT5zFl5uy55Sl/HgIc9Cg03TGjytsUA:93G6Zfe+bSaCqkR5uy7qHgh1eTGgHA
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-