Analysis
-
max time kernel
143s -
max time network
131s -
platform
windows10-2004_x64 -
resource
win10v2004-20240412-en -
resource tags
arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system -
submitted
25-04-2024 15:14
Static task
static1
Behavioral task
behavioral1
Sample
2116fd13fc4617269c05360f60a811eb07cf5a299a97355cb729ba09954f86e5.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
2116fd13fc4617269c05360f60a811eb07cf5a299a97355cb729ba09954f86e5.exe
Resource
win10v2004-20240412-en
General
-
Target
2116fd13fc4617269c05360f60a811eb07cf5a299a97355cb729ba09954f86e5.exe
-
Size
14KB
-
MD5
ec67a6a2df90f6d083e2a55961fd75f6
-
SHA1
e4d8d91ffc6e1ff02c944639d63ea9d351679450
-
SHA256
2116fd13fc4617269c05360f60a811eb07cf5a299a97355cb729ba09954f86e5
-
SHA512
b50933baf68f4613a1abbf5978fa7e3553b3d48c865d1206e0db7e95b884cb65d8a2b218271af8220d333fbd8998cb2542881c9c873e4240b765e8d2caec39b5
-
SSDEEP
192:/3mbPYCfMcrfOIuZmvKQxtzlSIVX6NOj9PejDMN1:OMCfrfQ6tBSI99PeUN1
Malware Config
Extracted
metasploit
windows/download_exec
http://192.168.189.187:82/VbaC
- headers User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; BOIE9;ENAU)
Signatures
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.