Analysis
max time kernel: 151s
max time network: 167s
platform: windows10-2004_x64
resource: win10v2004-20220414-en
submitted: 20-06-2022 17:49
Static task: static1
Behavioral task: behavioral1
Sample: 31d1118f4136e4247ddcbf5a7b5a495e80864fa2ec933001a72bf79d5c3b5514.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: 31d1118f4136e4247ddcbf5a7b5a495e80864fa2ec933001a72bf79d5c3b5514.exe
Resource: win10v2004-20220414-en
General
Target: 31d1118f4136e4247ddcbf5a7b5a495e80864fa2ec933001a72bf79d5c3b5514.exe
Size: 4.0MB
MD5: fb4c13cac5112b8c0d0a8fa9e9c8ad93
SHA1: b4f88f16f0b5002ace9aac669da29f46a0e52a35
SHA256: 31d1118f4136e4247ddcbf5a7b5a495e80864fa2ec933001a72bf79d5c3b5514
SHA512: 74a6e0a04acf95bd06f2e42a888e493b327ca51a4c4e9e209b32b93fabf49e9b6460cc5a5a06c58b075aa946aa7ecce4f78f64a2d7f53f1c101a6e225942dd91
Malware Config
Extracted
metasploit
windows/shell_reverse_tcp
61.14.238.91:3333
Signatures
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Downloads
memory/1744-130-0x0000000000400000-0x0000000000803000-memory.dmp
Filesize: 4.0MB