Analysis
- max time kernel: 150s
- max time network: 149s
- platform: windows7_x64
- resource: win7v20210410
- submitted: 06-05-2021 19:02
Static task: static1
Behavioral task: behavioral1
- Sample: Invoice-1002.pdf
- Resource: win7v20210410
Behavioral task: behavioral2
- Sample: Invoice-1002.pdf
- Resource: win10v20210408
Behavioral task: behavioral3
- Sample: 1002-Contoso.pdf.exe
- Resource: win7v20210410
Behavioral task: behavioral4
- Sample: 1002-Contoso.pdf.exe
- Resource: win10v20210410
General
- Target: 1002-Contoso.pdf.exe
- Size: 72KB
- MD5: b6c91d5c68529f39be286ced0e473a63
- SHA1: cfe3312ace153f13faa6da5defd0bd57c7f85aee
- SHA256: f436586c9c49e46a759d7fa07853b1d5c54ff6c42133db68bd03c97eef4ea997
- SHA512: 0d78ed3ceade93596d10419316059faa6f53ecb805f2885055545157009062e2f99b8058b5c77d3e9e9e8b944abdbd3705e37887b4ed52b0168d460af6c669f9
Malware Config
Extracted
metasploit
windows/reverse_tcp
172.19.255.48:443
Signatures
- MetaSploit: Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Downloads
- memory/1104-60-0x0000000000020000-0x0000000000021000-memory.dmp (Filesize: 4KB)