Analysis
-
max time kernel
93s -
max time network
94s -
platform
windows10-2004_x64 -
resource
win10v2004-20240508-en -
resource tags
arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system -
submitted
01-06-2024 10:39
Static task
static1
Behavioral task
behavioral1
Sample
5e63405b463b1ec5474a46d889983a66acbcde68fc5090ddb5c83ec4af37714a.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
5e63405b463b1ec5474a46d889983a66acbcde68fc5090ddb5c83ec4af37714a.exe
Resource
win10v2004-20240508-en
General
-
Target
5e63405b463b1ec5474a46d889983a66acbcde68fc5090ddb5c83ec4af37714a.exe
-
Size
14KB
-
MD5
7d6b2ed0047b8c001db5ccb1f21c688b
-
SHA1
9c27c71a17005305bc628cd4a9d4d984d11d880f
-
SHA256
5e63405b463b1ec5474a46d889983a66acbcde68fc5090ddb5c83ec4af37714a
-
SHA512
86b69aaed34a1e87f53e8da5186463e56f57d772df85f5e37bd47d7dad50c35446cd030a4d9d57c978211625fe28307f664b69a891f23360b613d6ce86eea455
-
SSDEEP
192:23mbPYCfMcrfOIuZmvKQxtzlSIVX6NO4WRaejDMN1:VMCfrfQ6tBSIKeUN1
Malware Config
Extracted
metasploit
windows/download_exec
http://47.120.63.120:8001/7jBy
- headers User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)
Signatures
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.