Analysis
max time kernel: 156s
max time network: 174s
platform: windows10-2004_x64
resource: win10v2004-20220414-en
submitted: 04-06-2022 02:24
Static task: static1
Behavioral task: behavioral1
Sample: 1195c53efafe2d245ac670d9d547414a1c63d776dd3d4b4d765f6334b841ea69.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: 1195c53efafe2d245ac670d9d547414a1c63d776dd3d4b4d765f6334b841ea69.exe
Resource: win10v2004-20220414-en
General
Target: 1195c53efafe2d245ac670d9d547414a1c63d776dd3d4b4d765f6334b841ea69.exe
Size: 216KB
MD5: 148105cead7f19db49bd1bab041b6375
SHA1: f61d28ac3d4bca5ca7d2638179c351798d442d12
SHA256: 1195c53efafe2d245ac670d9d547414a1c63d776dd3d4b4d765f6334b841ea69
SHA512: b7bef4758fed874597c643265063f6928bb96dc85230313e609c90f1c315c188a12b7022b859a0df546bc5d2d7ce00c2f0a4b3384617e379987d61ccbce96f20
Malware Config
Extracted
metasploit
encoder/shikata_ga_nai
Extracted
metasploit
windows/shell_reverse_tcp
0.0.17.92:4444
Signatures
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.