Analysis
-
max time kernel
119s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system -
submitted
22/01/2024, 02:33
Static task
static1
Behavioral task
behavioral1
Sample
6e7cc415f5c1711d26d1edd57221f7ab.exe
Resource
win7-20231215-en
3 signatures
150 seconds
General
-
Target
6e7cc415f5c1711d26d1edd57221f7ab.exe
-
Size
4.4MB
-
MD5
6e7cc415f5c1711d26d1edd57221f7ab
-
SHA1
fc8ae3e7dea60381f880a5b7bf601cafc411d903
-
SHA256
6618cb672d569c0594bbe34f06e242ce8a1a02f43ec28f653ef6d5784b5df876
-
SHA512
5f6c44ecf7bed0cb17e0c9f93789d5c90b9918c1c1d360001a642a51c30aa51149d810a9396d299d7d0112b222a4af097786f12ed43c8b06000c2438f021dd1e
-
SSDEEP
98304:VTob8QH57XzQ0W/F92bARPxCzl1XTS8Li1EoYYRQN36V4FJYzLr/f+MXVmx:2bBlXsj/F9IKcR1EeYRw6CbYzGMFmx
Malware Config
Extracted
Family
metasploit
Version
windows/single_exec
Signatures
-
Glupteba payload 3 IoCs
resource yara_rule behavioral1/memory/2256-2-0x0000000002ED0000-0x00000000037F6000-memory.dmp family_glupteba behavioral1/memory/2256-4-0x0000000000400000-0x00000000027DC000-memory.dmp family_glupteba behavioral1/memory/2256-5-0x0000000002ED0000-0x00000000037F6000-memory.dmp family_glupteba -
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.