Resubmissions
17-06-2024 18:22
240617-wz98vstamk 10
17-06-2024 18:02
240617-wmjkdaselp 10
17-06-2024 18:00
240617-wlq8tssejj 10
02-05-2024 06:18
240502-g2xm8abc2x 10
Analysis
-
max time kernel
47s
-
max time network
36s
-
platform
windows7_x64
-
resource
win7-20240508-en
-
resource tags
arch:x64 arch:x86 image:win7-20240508-en locale:en-us os:windows7-x64 system
-
submitted
17-06-2024 18:00
Static task
static1
Behavioral task
behavioral1
Sample
ad1cbe205954a376de542fe8cdd6e971037386eb8afe86fee310555c6cf5a1ed.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
ad1cbe205954a376de542fe8cdd6e971037386eb8afe86fee310555c6cf5a1ed.exe
Resource
win10v2004-20240508-en
General
-
Target
ad1cbe205954a376de542fe8cdd6e971037386eb8afe86fee310555c6cf5a1ed.exe
-
Size
1.4MB
-
MD5
86d42bc1c6c0636a5e5511e875aab599
-
SHA1
47a40954ecbd4abf85659a859341d4eb28cce41b
-
SHA256
ad1cbe205954a376de542fe8cdd6e971037386eb8afe86fee310555c6cf5a1ed
-
SHA512
c98ad5dc51e6617e39251891a01c39ea9f39c7ca58373656d1803ca8fb3df7d005110362f92355cd0b634ad7ae5166d28158840aca1f0caf793e4c41a12fb166
-
SSDEEP
24576:i5lRMo0yiwcNRfdSaF95aqXzK/ekq3in1Lc8o00hSP65HsdWN1jc7cxO:iCdSaF/73inNSkP69ssg7CO
Malware Config
Extracted
metasploit
windows/download_exec
http://192.210.162.147:80/TJXf
- headers User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; NP07; NP07)
Signatures
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Downloads
-
memory/2028-0-0x00000000003E0000-0x00000000003E1000-memory.dmp
Filesize
4KB