General
Target
0990c7d37d39c4185a5f0dac7aeda754.vbs
Size
7KB
Sample
250326-slvdpsxtfv
MD5
0990c7d37d39c4185a5f0dac7aeda754
SHA1
de8d15fd649c676b757687322e6d475b1824b7ea
SHA256
ab6b0dc77b4b5cf9e82d8500889f65ef1714da2222f70821ce159d110d294d56
SHA512
8de3c234e5a148233118bb414ea7564c075976e2647c5d900e834454289961bc3696be7008ce522e61f9134f2786fbe1ef1bd2ebbe49e49ff2ba8946e21516ec
SSDEEP
96:st/S5eXXTzxPdG69X/UrI1aTdENupeBbRS3X7r0vA4MM61Ft8gVDBRSSApMmzZ:s/SOXfxVGTddEYD3XflrWgVDGSAphZ
Static task
static1
Behavioral task
behavioral1
Sample
0990c7d37d39c4185a5f0dac7aeda754.vbs
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
0990c7d37d39c4185a5f0dac7aeda754.vbs
Resource
win10v2004-20250314-en
Malware Config
Extracted
metasploit
encoder/shikata_ga_nai
Extracted
metasploit
windows/reverse_tcp
89.197.154.115:7700
Targets
Target
0990c7d37d39c4185a5f0dac7aeda754.vbs
Score
10/10

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

Metasploit family

Checks computer location settings
Looks up country code configured in the registry, likely geofence.

Executes dropped EXE