Analysis
-
max time kernel
148s -
max time network
149s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
18-05-2024 08:22
Behavioral task
behavioral1
Sample
f9decc7db18b295bcc4077c3669d8b3d42459fb09263117575596868a4152cb7.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
f9decc7db18b295bcc4077c3669d8b3d42459fb09263117575596868a4152cb7.exe
Resource
win10v2004-20240426-en
General
-
Target
f9decc7db18b295bcc4077c3669d8b3d42459fb09263117575596868a4152cb7.exe
-
Size
12.0MB
-
MD5
43cc139cbb329ed7d2c4c4628374a3f8
-
SHA1
550b36d1d5c3851aea5ebc0f7c0aa34667d02247
-
SHA256
f9decc7db18b295bcc4077c3669d8b3d42459fb09263117575596868a4152cb7
-
SHA512
ac51fe8bb4080fcb046fa47cc6dd4a347a6b9d9f28903174ba7d1b69090ee42f7d2c90ab4446fc72c908d7929bab51335c4283b0d83a83ecd1fe5897b6c90da7
-
SSDEEP
196608:CvkcQhkPtXJaHKqdMd1lLITt/oQQYkGgRIIVolSiOHRYxJslXwZ3T8AxNqKEW3:skcQhkPbCd0HI5/KYGIyociOCzqXwT8C
Malware Config
Extracted
metasploit
windows/reverse_tcp
192.168.14.10:8000
Signatures
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Processes
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/2188-0-0x0000000000020000-0x0000000000021000-memory.dmpFilesize
4KB