Analysis
-
max time kernel
133s -
max time network
135s -
platform
windows10-2004_x64 -
resource
win10v2004-20240426-en -
resource tags
arch:x64 arch:x86 image:win10v2004-20240426-en locale:en-us os:windows10-2004-x64 system -
submitted
17-05-2024 18:12
Behavioral task
behavioral1
Sample
evil.pdf
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
evil.pdf
Resource
win10v2004-20240426-en
Behavioral task
behavioral3
Sample
template.exe
Resource
win7-20240221-en
Behavioral task
behavioral4
Sample
template.exe
Resource
win10v2004-20240426-en
General
-
Target
template.exe
-
Size
72KB
-
MD5
a0dadf4c06912afefea51d1d856a3eff
-
SHA1
a0e23b70d0d1e9880c4129f2a7b65133b72f8738
-
SHA256
5cfe86dcaed78ccabd079cb809786104314f73d5127c3ed6814bac9b1374fce8
-
SHA512
491fd6fe42e2856c9ff59d950cf7330f10e3ec969dcfe4c670e2e75931ecb5049a7c765dea23f4a4db64ea2f7075dd64f43a3b3a257876c72e8553ad433d3af8
-
SSDEEP
1536:IEsLiNBAADyEPVwTU9/c2GlVYMb+KR0Nc8QsJq39:CetmBUJGQe0Nc8QsC9
Malware Config
Extracted
metasploit
windows/reverse_tcp
146.19.191.45:4444
Signatures
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Processes
Network
MITRE ATT&CK Matrix
Downloads
-
memory/2760-0-0x0000000000870000-0x0000000000871000-memory.dmp
Filesize
4KB