Analysis
-
max time kernel
149s -
max time network
153s -
platform
windows10-2004_x64 -
resource
win10v2004-20240412-en -
resource tags
arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system -
submitted
21-04-2024 16:14
Static task
static1
Behavioral task
behavioral1
Sample
eeab131d0bd7bd799ad8dd4df138700b6907885cff183729abaef912b48829ea.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
eeab131d0bd7bd799ad8dd4df138700b6907885cff183729abaef912b48829ea.exe
Resource
win10v2004-20240412-en
General
-
Target
eeab131d0bd7bd799ad8dd4df138700b6907885cff183729abaef912b48829ea.exe
-
Size
14KB
-
MD5
7027cb6efdb039575858c3442811109c
-
SHA1
1696327bb4b42ae6c73df6e020f79a723a76d309
-
SHA256
eeab131d0bd7bd799ad8dd4df138700b6907885cff183729abaef912b48829ea
-
SHA512
0a02a5ab743249919d802b26bbc02f6264a479029e8181ea56b2dabf0417f2e8b815ba365f0b77d426e27965f96bdd9aebaa5b8b66a61c7fa06e0b2c41ce24e0
-
SSDEEP
192:P3mbPYCfMcrfOIuZmvKQxtzlSIVX6NOaABTejDMN1:+MCfrfQ6tBSIZxeUN1
Malware Config
Extracted
metasploit
windows/download_exec
http://146.70.188.137:80/2Hnt
- headers User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; Win64; x64; Trident/6.0)
Signatures
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.