General
-
Target
02b7debacaf3f0b4b78f0aad92631f19a6650761f8b1f881dc8de854748222c4.exe
-
Size
46KB
-
Sample
241202-mr6q2a1lfx
-
MD5
a68a3a293a4f2e1083ad35246aec67a7
-
SHA1
4b4bef265d905e547fc0c84e0a22ee8f7d49b0fb
-
SHA256
02b7debacaf3f0b4b78f0aad92631f19a6650761f8b1f881dc8de854748222c4
-
SHA512
46ab7f8c8044639e2df84125666384c472d48b0f2c3712b3de0bbcd168a00fd9ac1619ab54319b8989bf4baecd2ca8b4040c0c215725ffcfd803085a31a4e8a1
-
SSDEEP
768:rPXmC3qIZ0DxyG5mrDhOi5Hw7SddGJcjshSz9EtKatFMSIuwamfp7o:LXmWZ01ihOi5Hw7SR4hSz9EtKqZILat
Static task
static1
Behavioral task
behavioral1
Sample
02b7debacaf3f0b4b78f0aad92631f19a6650761f8b1f881dc8de854748222c4.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
02b7debacaf3f0b4b78f0aad92631f19a6650761f8b1f881dc8de854748222c4.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
-
-
Target
02b7debacaf3f0b4b78f0aad92631f19a6650761f8b1f881dc8de854748222c4.exe
-
Score
10/10
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Metasploit family
-
Adds policy Run key to start application
-
Executes dropped EXE
-
Adds Run key to start application
-