General
Target: 27c32b7b8dedee495c8d1a9aa05d954f1460c2093162b14b5ffb7acd0127f6f2
Size: 1.8MB
Sample: 241109-akqd9asldy
MD5: c175db9d6163912466ef3cab0b2c4fe3
SHA1: 8c93569f3c2d79c2f414e106aa9ded46cc63c0f8
SHA256: 27c32b7b8dedee495c8d1a9aa05d954f1460c2093162b14b5ffb7acd0127f6f2
SHA512: 544d16e9207b7c6704f1abeebe18cbab542c743d5ec56db19340ae25fdd655d7012615177ed1700cfd8d48bb46ef164f23c34837be96d49ccde180d225222b33
SSDEEP: 24576:/3vLRdVhZBK8NogWYO09MOGi9JdLegMZt4zEyje0sMsvjwC/hR:/3d5ZQ1UxJhL2h0J+

Tasks
Static task: static1
Behavioral task: behavioral1
Sample: 27c32b7b8dedee495c8d1a9aa05d954f1460c2093162b14b5ffb7acd0127f6f2.exe
Resource: win7-20241010-en
Malware Config
Extracted
Family: metasploit
Payload: windows/shell_reverse_tcp
C2 (LHOST:LPORT): 1.15.12.73:4567
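The extracted config above is the listener address baked into the stager. As an added example (not code from the report or from the sandbox vendor), the following Python scanner shows how such a config can be recovered statically: the msfvenom windows reverse_tcp stagers push an inline sockaddr_in, so the LHOST/LPORT bytes sit at a fixed offset after a recognisable opcode sequence. The sample bytes in the block are constructed to encode the C2 from this report and are not bytes taken from the real file.

```python
"""
Static config extractor for Metasploit windows/*/reverse_tcp stagers.

The stager builds the sockaddr_in for the connect-back inline:
  x86:  push LHOST            -> 68 <ip, 4 bytes as dotted order>
        push AF_INET|LPORT    -> 68 02 00 <port, big-endian 2 bytes>
  x64:  mov r12, sockaddr_in  -> 49 BC 02 00 <port BE 2 bytes> <ip 4 bytes>
Matching those byte patterns recovers LHOST:LPORT without executing the sample.
"""
import re
import socket
import struct
import sys

# Byte patterns for the two stager flavours (assumption: unencoded stager bytes
# are present in the file; an encoder such as shikata_ga_nai hides them until
# runtime, which is why a sandbox usually extracts the config from memory).
X86_PATTERN = re.compile(rb"\x68(?P<ip>.{4})\x68\x02\x00(?P<port>.{2})", re.DOTALL)
X64_PATTERN = re.compile(rb"\x49\xBC\x02\x00(?P<port>.{2})(?P<ip>.{4})", re.DOTALL)


def extract_reverse_tcp(data: bytes) -> list[tuple[str, str, int]]:
    """Return (arch, lhost, lport) tuples for every stager pattern found."""
    found = []
    for arch, pattern in (("x86", X86_PATTERN), ("x64", X64_PATTERN)):
        for match in pattern.finditer(data):
            lhost = socket.inet_ntoa(match.group("ip"))
            (lport,) = struct.unpack(">H", match.group("port"))
            # Discard obvious false positives from random byte runs.
            if lport == 0 or lhost == "0.0.0.0":
                continue
            found.append((arch, lhost, lport))
    return found


# Constructed inputs (not from the real sample): stager fragments encoding
# LHOST=1.15.12.73 (01 0f 0c 49) and LPORT=4567 (0x11d7), with filler bytes.
SAMPLE_X86 = b"\x90" * 8 + b"\x68\x01\x0f\x0c\x49" + b"\x68\x02\x00\x11\xd7" + b"\xff\xd5"
SAMPLE_X64 = b"\x4c\x89\xe1" + b"\x49\xbc\x02\x00\x11\xd7\x01\x0f\x0c\x49" + b"\x41\x54"


def main(argv: list[str]) -> int:
    """Scan a file given on the command line, or the constructed samples."""
    blobs = [open(p, "rb").read() for p in argv[1:]] or [SAMPLE_X86, SAMPLE_X64]
    for blob in blobs:
        for arch, lhost, lport in extract_reverse_tcp(blob):
            print(f"{arch} reverse_tcp stager -> {lhost}:{lport}")
    return 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Run it against the dropped or unpacked stage rather than only the 1.8MB on-disk file: the patterns only match once the stager bytes are in the clear, and any hit should be confirmed against the sandbox-extracted C2 before it is treated as an indicator.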
Targets
Target: 27c32b7b8dedee495c8d1a9aa05d954f1460c2093162b14b5ffb7acd0127f6f2 (1.8MB; MD5, SHA1, SHA256, SHA512 and SSDEEP as listed under General)
MetaSploit (Metasploit family): Detected a malicious payload that is part of the Metasploit Framework, likely generated with msfvenom or a similar tool.
Checks computer location settings: Looks up the country code configured in the registry, likely as a geofence check.
Checks installed software on the system: Looks up Uninstall key entries in the registry to enumerate the software installed on the system.
Enumerates connected drives: Attempts to read the root path of hard drives other than the default C: drive.
Drops file in System32 directory
MITRE ATT&CK Enterprise v15
Credential Access
  Credentials from Password Stores (T1555): 1
    Credentials from Web Browsers (T1555.003): 1
  Unsecured Credentials (T1552): 1
    Credentials In Files (T1552.001): 1