Analysis
max time kernel: 130s
max time network: 133s
platform: windows10-2004_x64
resource: win10v2004-20231215-en
resource tags: arch:x64, arch:x86, image:win10v2004-20231215-en, locale:en-us, os:windows10-2004-x64, system
submitted: 21/01/2024, 09:03
Static task: static1
Behavioral task: behavioral1
Sample: 6ce7565819f7a2c972a909fb682d10c4.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 6ce7565819f7a2c972a909fb682d10c4.exe
Resource: win10v2004-20231215-en
General
Target: 6ce7565819f7a2c972a909fb682d10c4.exe
Size: 455KB
MD5: 6ce7565819f7a2c972a909fb682d10c4
SHA1: b1d92ef99ba396e5f4a530a83e60cbae4feb78a2
SHA256: 468b0a8b9e80c8a264b84ce79d851821c51fe7ae1d93fe5a72fa7277e8a482e7
SHA512: 40e05230a76a5a9304c79ea5731b1add8426a5a717ffdfcf80d1f0de0063e2cd050e8d4ac4119e7458a2be6dc013197114bbafac12e38b058d2416a4b512f02d
SSDEEP: 12288:xNry0Wf2ktXLwk3Ta77Hp0fWAUmBrgV2OvYFyVIoFi:xif2ktMV2OvYFyVIoFi
Malware Config
Extracted
metasploit
windows/download_exec
http://192.168.0.3:1369/u9eI
- headers User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0)
Signatures
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.