Analysis
max time kernel: 8s
max time network: 11s
platform: windows7_x64
resource: win7v20201028
submitted: 28-11-2020 01:05
Static task: static1
Behavioral task: behavioral1
Sample: 166.exe
Resource: win7v20201028 windows7_x64
0 signatures
0 seconds
Behavioral task: behavioral2
Sample: 166.exe
Resource: win10v20201028 windows10_x64
0 signatures
0 seconds
General
Target: 166.exe
Size: 14KB
MD5: d04c8789ef1d1c939eeddf843ffc3d23
SHA1: 6ba8e4a6d3006876cece1e105da552f04ed2d77c
SHA256: 4c32d37b3cdcd4c345012a832191192b05dda501f444aa5d4ce17037b36eac23
SHA512: 7cc16141428f9617f078e39a61f769bdf2a78f1c8c552b0f3f0e67035bc27e3bf37fd12bbb613970319f9fe1189e90090c8636a786d6880b805bf38a868028a3
Score: 10/10
Malware Config
Extracted
Family: metasploit
Version: windows/download_exec
C2: http://185.153.199.166:80/pj8J
Attributes: headers User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; BOIE9;NLNL)
Signatures
MetaSploit: Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.