Analysis
-
max time kernel
146s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20240426-en -
resource tags
arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system -
submitted
04-05-2024 23:21
Static task
static1
Behavioral task
behavioral1
Sample
80bf4c915ee23b7800f8f09e16a5687d85b441b32e32fb863dc9dddb84e3ac74.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
80bf4c915ee23b7800f8f09e16a5687d85b441b32e32fb863dc9dddb84e3ac74.exe
Resource
win10v2004-20240426-en
General
-
Target
80bf4c915ee23b7800f8f09e16a5687d85b441b32e32fb863dc9dddb84e3ac74.exe
-
Size
46KB
-
MD5
3362335b8eb7d96f17ffad81f82585cf
-
SHA1
74e425010ba7021e7dfc8bd558e36e3a8bd8ac00
-
SHA256
80bf4c915ee23b7800f8f09e16a5687d85b441b32e32fb863dc9dddb84e3ac74
-
SHA512
4627b72fda0c642c88c2e3b68e41c5a92cbc1724ae0c23149681e175fcf73ee7d04bcc540f62e632a814cdefbf3539cdd710f60c5d6467537da221865cba4256
-
SSDEEP
768:gRmAA6uESG8VrqRXNOa4Mu7tHZUmso6+sIgL4I:Yc1vzVrKQa3ucessI
Malware Config
Extracted
metasploit
windows/download_exec
http://103.145.107.83:88/vue86.min.js
- headers User-Agent: Mozilla/5.0 (Windows NT 6.2; rv:21.0) Gecko/20130326 Firefox/21.0
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Processes
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/3588-0-0x0000000000BD0000-0x0000000000BD1000-memory.dmpFilesize
4KB
-
memory/3588-1-0x0000000004460000-0x0000000004860000-memory.dmpFilesize
4.0MB
-
memory/3588-2-0x0000000004860000-0x00000000048AE000-memory.dmpFilesize
312KB
-
memory/3588-3-0x0000000000BA0000-0x0000000000BB2000-memory.dmpFilesize
72KB
-
memory/3588-5-0x0000000004860000-0x00000000048AE000-memory.dmpFilesize
312KB