Analysis
-
max time kernel
149s -
max time network
149s -
platform
windows10-2004_x64 -
resource
win10v2004-20240426-en -
resource tags
arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system -
submitted
14-05-2024 06:54
Behavioral task
behavioral1
Sample
d268bf2972cd87c6772e49e553a1cba42baa5b538e2bedc5e48955457d56a617.exe
Resource
win10v2004-20240426-en
Behavioral task
behavioral2
Sample
d268bf2972cd87c6772e49e553a1cba42baa5b538e2bedc5e48955457d56a617.exe
Resource
win11-20240508-en
General
-
Target
d268bf2972cd87c6772e49e553a1cba42baa5b538e2bedc5e48955457d56a617.exe
-
Size
72KB
-
MD5
b2956ff8340e2b2eb4aa41fe953486f2
-
SHA1
61aee0199d08ec64a3aae01ad87f64375ae8e41a
-
SHA256
d268bf2972cd87c6772e49e553a1cba42baa5b538e2bedc5e48955457d56a617
-
SHA512
39115ece942c911006cf1905c025761b5b24cc0f2478dc28ee1a22c4aefa8edbb00ce3f47ef5bdc0226b679cee72432cfab8966d987c36af07e1b866c20f9508
-
SSDEEP
1536:IwS6yNK7Aletd+PC2zIm41Mb+KR0Nc8QsJq39:vTIecCm41e0Nc8QsC9
Malware Config
Extracted
metasploit
windows/reverse_http
http://13.53.131.190:8080/T7pAcJijO5W3e7Z60qiKkgIbQQoP6rbMsig_dPfHn1F6kzv1p2_hbOVGIM1iSbt1qtn6ErvFdXNrJE-Nn
Signatures
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.