General
Target: f2cba176c9681c60d16e7ac717c0ad8f2531cf36203da4651db23bb1d2b33b19
Size: 42KB
Sample: 240919-12ebestaqg
MD5: ae49b622fdf810ce4a50b175e14274b5
SHA1: 1a4da0c5a23fbfd005c2dbe9a693eb3cb1c3500b
SHA256: f2cba176c9681c60d16e7ac717c0ad8f2531cf36203da4651db23bb1d2b33b19
SHA512: 043bc03265b21b401712822a098c34a3dc548fe65e22978bd498761be8542b9842028a1edc0936c41910accc015ecfd24c48ed64044347ee3d7bb0d3fd5c1daa
SSDEEP: 384:ArtiSt3AfPpNGPTGO+peS/iGvOq5UsizZTFzTChT50jxbfoHt:4J3qxS+peSqmUsineTGbfo
Behavioral task
behavioral1
Sample
f2cba176c9681c60d16e7ac717c0ad8f2531cf36203da4651db23bb1d2b33b19.doc
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
f2cba176c9681c60d16e7ac717c0ad8f2531cf36203da4651db23bb1d2b33b19.doc
Resource
win10v2004-20240802-en
Malware Config
Extracted
metasploit
windows/download_exec
http://192.168.211.143:443/hCaP
- headers User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; yie9)
Targets
Score: 10/10
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.