Analysis
max time kernel: 129s
max time network: 98s
platform: windows10-2004_x64
resource: win10v2004-20240508-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240508-en, locale:en-us, os:windows10-2004-x64, system
submitted: 26-05-2024 21:56
Static task: static1
Behavioral task: behavioral1
Sample: a4d3cafbebcae8e36642224cc1df9845e1c7faf1858faea7037b2d969b57bf3e.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: a4d3cafbebcae8e36642224cc1df9845e1c7faf1858faea7037b2d969b57bf3e.exe
Resource: win10v2004-20240508-en
General
Target: a4d3cafbebcae8e36642224cc1df9845e1c7faf1858faea7037b2d969b57bf3e.exe
Size: 14KB
MD5: c4d8050732c94ff27da133ff25c7b5ed
SHA1: c7cae371be6de609e9cad803cd937d725e768100
SHA256: a4d3cafbebcae8e36642224cc1df9845e1c7faf1858faea7037b2d969b57bf3e
SHA512: 7fbbab74c4e2aa76ca58382cdcdc0df43b1d59077109324651e1d5b5e156c6a3bd81a0a18ca7a612452bd3bb241cb8ce7430cb144a6e192bb58df760702a0b08
SSDEEP: 192:W3mbPYCfMcrfOIuZmvKQxtzlSIVX6NOsZpzyejDMN1:1MCfrfQ6tBSIuXueUN1
Malware Config
Extracted
metasploit
windows/download_exec
http://192.168.1.134:80/sHi8
- headers User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; UHS)
Signatures
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.