Analysis
-
max time kernel
128s
-
max time network
132s
-
platform
windows7_x64
-
resource
win7v20201028
-
submitted
17-11-2020 15:20
Static task
static1
Behavioral task
behavioral1
Sample
d75bf112a0f7b47a854ac2bdb9ef910c.exe
Resource
win7v20201028
windows7_x64
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
d75bf112a0f7b47a854ac2bdb9ef910c.exe
Resource
win10v20201028
windows10_x64
0 signatures
0 seconds
General
-
Target
d75bf112a0f7b47a854ac2bdb9ef910c.exe
-
Size
2.9MB
-
MD5
1181c8e6ffb5000a73ac9e5a42d54d4b
-
SHA1
00b64c60aaa577baf384d828605ec724d5b837ce
-
SHA256
eca04626386ed44a1f7024e0a0b8af126b2e211823054a34f7d77a7d92540ec9
-
SHA512
c6d7a3daaaf8db1e2034ccc4fee7f83c0e994621464840eacf456165c758b62f151b38a2a93a7ea06fea4e2e12b1e954c1b7232c766b3a78ae98d77133390dba
Score
10/10
Malware Config
Signatures
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Processes:
resource    yara_rule
behavioral1/memory/2028-0-0x0000000000400000-0x0000000000A1B000-memory.dmp    upx
behavioral1/memory/2028-1-0x0000000000400000-0x0000000000A1B000-memory.dmp    upx
behavioral1/memory/2028-2-0x0000000000400000-0x0000000000A1B000-memory.dmp    upx
Downloads
-
memory/1996-3-0x000007FEF63F0000-0x000007FEF666A000-memory.dmp
Filesize
2.5MB
-
memory/2028-0-0x0000000000400000-0x0000000000A1B000-memory.dmp
Filesize
6.1MB
-
memory/2028-1-0x0000000000400000-0x0000000000A1B000-memory.dmp
Filesize
6.1MB
-
memory/2028-2-0x0000000000400000-0x0000000000A1B000-memory.dmp
Filesize
6.1MB