Analysis
max time kernel
93s
max time network
127s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags
arch:x64 arch:x86 image:win10v2004-20240226-en locale:en-us os:windows10-2004-x64 system
submitted
30-03-2024 10:01
Static task
static1
Behavioral task
behavioral1
Sample
60ad2812249c052e56585afbe64a498f62a6a4a002dfc23314c51beb4b90e410.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
60ad2812249c052e56585afbe64a498f62a6a4a002dfc23314c51beb4b90e410.exe
Resource
win10v2004-20240226-en
General
Target
60ad2812249c052e56585afbe64a498f62a6a4a002dfc23314c51beb4b90e410.exe
Size
14KB
MD5
68dabb6ab77b10ae860e3fb22b8e9c08
SHA1
0bd0c3dfac80b4b09eb4c8dbf42b4682e81ee0a5
SHA256
60ad2812249c052e56585afbe64a498f62a6a4a002dfc23314c51beb4b90e410
SHA512
0ce9aea8d48583decaf60906dd92b8c784435988f804790ce6eb181fe7c8eda9b67c4afbe21f6cfb087ef48a09571314a0b2442a21b104ec8d84c2318d503e62
SSDEEP
192:83mbPYCfMcrfOIuZmvKQxtzlSIVX6NOAnejDMN1:DMCfrfQ6tBSI+neUN1
Malware Config
Extracted
metasploit
windows/download_exec
http://192.168.106.163:80/of8O
- headers User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)
Signatures
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.