Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
23-05-2024 10:22
Static task
static1
Behavioral task
behavioral1
Sample
a8e2277705c79e69e9231f07c06e51565336ad87d2619cc905886c17284bd1ad.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
a8e2277705c79e69e9231f07c06e51565336ad87d2619cc905886c17284bd1ad.exe
Resource
win10v2004-20240508-en
General
-
Target
a8e2277705c79e69e9231f07c06e51565336ad87d2619cc905886c17284bd1ad.exe
-
Size
14KB
-
MD5
fbd4643c195de483f053028ff1972528
-
SHA1
0aaf393d7c73ed2c04072ab5490f0b29eecba673
-
SHA256
a8e2277705c79e69e9231f07c06e51565336ad87d2619cc905886c17284bd1ad
-
SHA512
f63ee72328722a644e9e5b0e8808dca794b9e03886fb5e1117ff7071be5a062b92d09b96d0e31437fd3795bc0960bbd39c3d47a2b5aba362157463c901be992b
-
SSDEEP
192:y3mbPYCfMcrfOIuZmvKQxtzlSIVX6NOxyejDMN1:pMCfrfQ6tBSITyeUN1
Malware Config
Extracted
metasploit
windows/download_exec
http://192.168.254.129:1234/CyOQ
- headers User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; BOIE9;ENUS)
Signatures
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.