Analysis
-
max time kernel
123s -
max time network
145s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
18-04-2024 07:04
Static task
static1
Behavioral task
behavioral1
Sample
dfebd8c7c69ad9b496a30d30812c3742b72417782d9705bc9d1b236189b4241f.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
dfebd8c7c69ad9b496a30d30812c3742b72417782d9705bc9d1b236189b4241f.exe
Resource
win10v2004-20240412-en
General
-
Target
dfebd8c7c69ad9b496a30d30812c3742b72417782d9705bc9d1b236189b4241f.exe
-
Size
14KB
-
MD5
ee141f78739c3a894210e7498a71af94
-
SHA1
3b28add0562f16c30380b9f4c3d25d1c23d941ff
-
SHA256
dfebd8c7c69ad9b496a30d30812c3742b72417782d9705bc9d1b236189b4241f
-
SHA512
8538a53c38c1052055940cf58ff7d5182f56bc51cdd93f840b9eed36fa839cdabbf7884db728ea1c6c02916a772c210baa6d8d7cc175cc23a186ff3db37373d3
-
SSDEEP
192:u3mbPYCfMcrfOIuZmvKQxtzlSIVX6NO/WzTBejDMN1:tMCfrfQ6tBSIRWzteUN1
Malware Config
Extracted
metasploit
windows/download_exec
http://142.171.27.92:6363/FTjX
- headers User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)
Signatures
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.