Analysis
-
max time kernel
122s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240215-en -
resource tags
arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system -
submitted
20-04-2024 16:16
Behavioral task
behavioral1
Sample
a2094b266a2c985d2d28f075dc29d6a8e2cf6bdc25031499a01a46b1cbc9cca1.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
a2094b266a2c985d2d28f075dc29d6a8e2cf6bdc25031499a01a46b1cbc9cca1.exe
Resource
win10v2004-20240412-en
General
-
Target
a2094b266a2c985d2d28f075dc29d6a8e2cf6bdc25031499a01a46b1cbc9cca1.exe
-
Size
12.0MB
-
MD5
9293813fdfeea9f83dbbaad9afe0b028
-
SHA1
5bf0b993ff68202d36be7b2d078df6e726a57758
-
SHA256
a2094b266a2c985d2d28f075dc29d6a8e2cf6bdc25031499a01a46b1cbc9cca1
-
SHA512
a0e2e667c8ab77b385de2e45a865d89f023e52c2181f4da32d0d2a65d4c2c97da591ef7aecb204b1019d87e9ca9f6895ef30dbb10e6864ac451298a41db291df
-
SSDEEP
196608:c5pM2IaaJOGHKqdMd1lLITt/oQQYkGgRIIVolSiOHRYxJslXwZ3T8AxNqKEW3:CpM2PaMWd0HI5/KYGIyociOCzqXwT8Yn
Malware Config
Extracted
metasploit
windows/shell_reverse_tcp
192.168.174.131:1234
Signatures
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Processes
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/2460-0-0x0000000000020000-0x0000000000021000-memory.dmpFilesize
4KB