Extracted

• • Target

    a0d38a85c78a89886c93e627b25e888f79078e6751d4ef5e0aa918ef7663cbbd

  • Size

    1.5MB

  • MD5

    8373d49cba039770879b66b45257ce51

  • SHA1

    3335b6adf81c41269a8267209244904967e867d7

  • SHA256

    a0d38a85c78a89886c93e627b25e888f79078e6751d4ef5e0aa918ef7663cbbd

  • SHA512

    5fe691958ea6822a1ee0e595495288c776e3718fddbd25995081f359a1f1d3f734379ab37f5706ed25a58a70c16c690d637a0cbbfe422aec094e45b3a27e7ae9

  • SSDEEP

    24576:b5ZWs+OZVEWry8AFHG3zmr1BE3FOwIPSXotdjrpUT8qU0m:1ZB1G8YmOGFO/tp/j0m

  Score

  10^/10

  metasploitbackdoordiscoverytrojan

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    trojanbackdoormetasploit

  • Metasploit family

    metasploit

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  behavioral1behavioral2