Analysis
-
max time kernel
119s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system -
submitted
22/01/2024, 10:43
Behavioral task
behavioral1
Sample
e673ea6cd9bf1053397e26a014e0da7d9056c23f77bd36aceb2818b0b2ddb366.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
e673ea6cd9bf1053397e26a014e0da7d9056c23f77bd36aceb2818b0b2ddb366.exe
Resource
win10v2004-20231215-en
General
-
Target
e673ea6cd9bf1053397e26a014e0da7d9056c23f77bd36aceb2818b0b2ddb366.exe
-
Size
122KB
-
MD5
3fd56e330582e996c4268eff03aace4c
-
SHA1
7dd911f48d7c550d4c166e7c103d70fea618c784
-
SHA256
e673ea6cd9bf1053397e26a014e0da7d9056c23f77bd36aceb2818b0b2ddb366
-
SHA512
71e809defce81ab31252846f20371912f6ccbf67c5c71b242a7448221e976d19bbfc551809d2c6a6baca8fbb6bc8d104f3f57111fafeeb94ad41fedc472b49d2
-
SSDEEP
3072:DwaK9NUTBVedxNHRW6m7WWAnHY3XQ6uAnHqUQ6:DIPUTBV2RW6m7WWAnHqXQ6uAnHqUQ6
Malware Config
Extracted
metasploit
encoder/shikata_ga_nai
Extracted
metasploit
windows/reverse_tcp
192.168.111.137:5566
Signatures
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.