Analysis
-
max time kernel
120s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
20-05-2024 00:20
Static task
static1
Behavioral task
behavioral1
Sample
8e4776ce90d2860c9ad9d9a55d06ba64b5793ea097d2eba8bd108f39fdf5c1a0.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
8e4776ce90d2860c9ad9d9a55d06ba64b5793ea097d2eba8bd108f39fdf5c1a0.exe
Resource
win10v2004-20240508-en
General
-
Target
8e4776ce90d2860c9ad9d9a55d06ba64b5793ea097d2eba8bd108f39fdf5c1a0.exe
-
Size
14KB
-
MD5
57dea8d186858ce5b4aca3458361698c
-
SHA1
e01315d0be67df61bade4241062927f2e2af5770
-
SHA256
8e4776ce90d2860c9ad9d9a55d06ba64b5793ea097d2eba8bd108f39fdf5c1a0
-
SHA512
1e9108f1f6f20c45ea9b092ee881b76c287ef748d73372df5f8d2e954640f778fe1499c0faf3b7bcc28af199a926e4baa4fe0e9843adafc7c7669dfd910262fd
-
SSDEEP
384:AN+kGKqbOCdWIVBff+xzRXwXG3SfCXAn:AN+kqRVpf5XFfiA
Malware Config
Extracted
metasploit
windows/download_exec
http://sandstorm2629.whoami.win:10054/YPeN
Signatures
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.