General
-
Target
f434868f9d05132bd1759bd890b85915e60cb665124caf8d9c9e53ccbd0930b1N
-
Size
7KB
-
Sample
241109-3ffy8svbng
-
MD5
cde3035e08bb57f1d80f9af2f6b2e710
-
SHA1
8c355b7edd051a73f866314adee525a8b779c01f
-
SHA256
f434868f9d05132bd1759bd890b85915e60cb665124caf8d9c9e53ccbd0930b1
-
SHA512
a00e8e51bff34a0f4638df67575b8717607fd2fe0942665e55c8f5e5901a4608b54d43e6837befc1988aa6f8052de5a1c71b8e55c0974a049d155eadcf5643ce
-
SSDEEP
96:hgtfC+61j/9llDkc+kY9mnunYkDt6+1QF27d+7a17YNzNt:mg12kY9SSICQOd7in
Malware Config
Extracted
metasploit
windows/reverse_tcp
192.168.1.20:4444
Targets
-
-
Target
f434868f9d05132bd1759bd890b85915e60cb665124caf8d9c9e53ccbd0930b1N
-
Size
7KB
-
MD5
cde3035e08bb57f1d80f9af2f6b2e710
-
SHA1
8c355b7edd051a73f866314adee525a8b779c01f
-
SHA256
f434868f9d05132bd1759bd890b85915e60cb665124caf8d9c9e53ccbd0930b1
-
SHA512
a00e8e51bff34a0f4638df67575b8717607fd2fe0942665e55c8f5e5901a4608b54d43e6837befc1988aa6f8052de5a1c71b8e55c0974a049d155eadcf5643ce
-
SSDEEP
96:hgtfC+61j/9llDkc+kY9mnunYkDt6+1QF27d+7a17YNzNt:mg12kY9SSICQOd7in
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Metasploit family
-
Boot or Logon Autostart Execution: Active Setup
Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-