General
-
Target
f9a4d4e605f23a0eb568eb131f43e9577f0722cf5683955f280e910722f7e185
-
Size
2.8MB
-
Sample
241104-nsnsaazdjr
-
MD5
3acae01483799f67397311f890aa0f32
-
SHA1
d0053c358f60d348c896ed39d7b78496b1789260
-
SHA256
f9a4d4e605f23a0eb568eb131f43e9577f0722cf5683955f280e910722f7e185
-
SHA512
4a701d527f8dd8e062a94ecbc923d23824bde0b0f78b9397c8d8ea536e753650d998d9782f81ded028602a4e6e8d4023e643386f026d10ee658ea72115d3ed4e
-
SSDEEP
49152:KCC+OAqkLI5MbyRHqm0GPF/JARDEq+z8Td7IqiG7wtcb6m+0jaqV2dVGF5iF3mtr:KxhpqbcKWNJI9+z8OqiZtcb6T0DriYtr
Static task
static1
Behavioral task
behavioral1
Sample
MFA_migration_patchv3.5.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
MFA_migration_patchv3.5.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
metasploit
windows/download_exec
http://105.112.107.100:80/TncD
Targets
-
Target
MFA_migration_patchv3.5.exe
-
Size
2.9MB
-
MD5
889b3e191a04ab49d4073595d75f588c
-
SHA1
69f26dd90da1023d642803840d8c0683ed145721
-
SHA256
75f8b70d8625cede00db1108c56ebcd577e6fc7b029b9eb2e47ffafefa669f88
-
SHA512
c4a6d14abe872af5edfc1fb90da6787271ec624d6e1639f6c19c55be7d6d0cb563609abf78288695c4b63368f33cf84344659b4ba1c07d23e01ff0a3560fc6a8
-
SSDEEP
49152:otg7ETQsdPk46ZJxwe8OGQQzqhwCdxKKTUqZIt7tTt+YsaGGCj/TeDeJQxHEExLS:mtdPRGS5maKZUga7tMFGNDtNEoJM
Score
10/10
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Metasploit family
-
Loads dropped DLL
-