Extracted

• • Target

    0e764040f2fd6e55610ceb4e9c26ef5700b88f39976d568e177e5dd87177d659

  • Size

    1.8MB

  • MD5

    4f2f750825afb052a301916e922bb070

  • SHA1

    e087c8ec1d7155e1c0ac7634299af0e4e6c17a0d

  • SHA256

    0e764040f2fd6e55610ceb4e9c26ef5700b88f39976d568e177e5dd87177d659

  • SHA512

    6365f5159943efa200ee20b3503d0b0a6649287f73b389f7d39a50605a81ba877ac704289f5b4a798b0387e386f964728615fcb597b0b64b0c33a5c1f3d4f188

  • SSDEEP

    24576:/3vLRdVhZBK8NogWYO09aOGi9JHyMJmUgLk7/QDQHcb4j4wBC33hF7b60HNB/aQf:/3d5ZQ1mxJTJm/Y88j4i0jftBCO

  Score

  10^/10

  metasploitbackdoordiscoveryspywarestealertrojan

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    trojanbackdoormetasploit

  • Metasploit family

    metasploit

  • Drops file in Drivers directory

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Reads user/profile data of web browsers

    Infostealers often target stored browser data, which can include saved credentials etc.

    spywarestealer

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

  • Enumerates connected drives

    Attempts to read the root path of hard drives other than the default C: drive.

  behavioral1behavioral2