Extracted

• • Target

    SecuriteInfo.com.Win32.MsfEncode-D.24091.3118.exe

  • Size

    34KB

  • MD5

    3f69a87cb4bde9c863f39301eb1f29c8

  • SHA1

    3c9de5d2605eb4419fe38c1728e97b6e7a9057ef

  • SHA256

    a4b990527a7439738349dc225d6bbdb8aada977b9c52add94bc94ae897311b18

  • SHA512

    d9fa11922158349c540adbd9a9e44062e42f7a5e9372ed89194554d536be186e239e254a2dac1fa40e8caace13c815e5f7a0d35fbd7007f251e5a8462408774d

  • SSDEEP

    384:sckalfdKxiis5iHo40IKYb93V5XiVOcvbvx0fAmwD6:xlkxiihHo4fb93b4TvbOpq6

  Score

  10^/10

  metasploitbackdoortrojanpersistence

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    trojanbackdoormetasploit

  • Boot or Logon Autostart Execution: Active Setup

    Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    persistence

  • Enumerates connected drives

    Attempts to read the root path of hard drives other than the default C: drive.

  behavioral1behavioral2