General
Target: RjvPlatform.dll
Size: 9KB
Sample: 241224-azwvkswrgp
MD5: 42c0eca6e4092da7b58ad45699f99bfe
SHA1: ecdd424aca025a4b57750955298b3ef3995c057e
SHA256: 57cf7d7537c6622ceeb9d0326be3af48dd4f3095fb6e2998db49616e450c7a74
SHA512: 6687f477b891e00417cb9fd4c2ca557a659cf8599dcc9c0ed67b1ba3f6fe8787cb48ee5c082c1a25dccd45fb7a3e649e5471eb4de7bfbfd4502c7453fceb895b
SSDEEP: 48:q0r+l6O5aXyn/hNhx4/jC/VcQkSD9C2zRb0E:dX02Qj5P
Behavioral task: behavioral1
Sample: RjvPlatform.dll
Resource: win10v2004-20241007-en
Behavioral task: behavioral2
Sample: RjvPlatform.dll
Resource: win10ltsc2021-20241211-en
Malware Config
Extracted
metasploit
metasploit_stager
213.152.165.29:9500
Targets
Target: RjvPlatform.dll
Score: 10/10
MetaSploit: Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Metasploit family
Blocklisted process makes network request
Suspicious use of SetThreadContext