General
Target: 2bf1f0dca95be633801cfc07d0107db8e891133586c0cbbbc9206edc0f00a02b
Size: 9.5MB
Sample: 240629-ld45lsvclf
MD5: 3e81bd54974f47892924dda600d81fc1
SHA1: 1fdd4da4e058f3d2a9d503a48572c816611bebce
SHA256: 2bf1f0dca95be633801cfc07d0107db8e891133586c0cbbbc9206edc0f00a02b
SHA512: 04cafc7bd853ea08dbbbf226fe43e6d4dc1489415d9145eb1824e7a5cd705a74c6323be179dd5b5494f33dd450465a908b3a89ef6f0c7950b608bf74c4959c87
SSDEEP: 196608:yR30oCN9nA5lbrb3fb6yTonobM9aX2cbZGKQcaCnNPDGwGus:AweXDfbRYoX2cbSNw7Gwrs
Static task: static1
Behavioral task: behavioral1
  Sample: 2bf1f0dca95be633801cfc07d0107db8e891133586c0cbbbc9206edc0f00a02b.dll
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 2bf1f0dca95be633801cfc07d0107db8e891133586c0cbbbc9206edc0f00a02b.dll
  Resource: win10v2004-20240508-en
Malware Config
Extracted: metasploit
windows/reverse_tcp
192.168.239.128:6666
Targets
Target: 2bf1f0dca95be633801cfc07d0107db8e891133586c0cbbbc9206edc0f00a02b
Score: 10/10
- MetaSploit: Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
- Suspicious use of SetThreadContext