Resubmissions
17-06-2024 18:22
240617-wz98vstamk 1017-06-2024 18:02
240617-wmjkdaselp 1017-06-2024 18:00
240617-wlq8tssejj 1002-05-2024 06:18
240502-g2xm8abc2x 10Analysis
-
max time kernel
143s -
max time network
146s -
platform
windows10-2004_x64 -
resource
win10v2004-20240611-en -
resource tags
-
submitted
17-06-2024 18:02
General
-
Target
ad1cbe205954a376de542fe8cdd6e971037386eb8afe86fee310555c6cf5a1ed.exe
-
Size
1.4MB
-
MD5
86d42bc1c6c0636a5e5511e875aab599
-
SHA1
47a40954ecbd4abf85659a859341d4eb28cce41b
-
SHA256
ad1cbe205954a376de542fe8cdd6e971037386eb8afe86fee310555c6cf5a1ed
-
SHA512
c98ad5dc51e6617e39251891a01c39ea9f39c7ca58373656d1803ca8fb3df7d005110362f92355cd0b634ad7ae5166d28158840aca1f0caf793e4c41a12fb166
-
SSDEEP
24576:i5lRMo0yiwcNRfdSaF95aqXzK/ekq3in1Lc8o00hSP65HsdWN1jc7cxO:iCdSaF/73inNSkP69ssg7CO
Score
10/10
Malware Config
Extracted
Family
metasploit
Version
windows/download_exec
C2
http://192.210.162.147:80/TJXf
Attributes
- headers User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; NP07; NP07)
Signatures
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Processes
-
C:\Users\Admin\AppData\Local\Temp\ad1cbe205954a376de542fe8cdd6e971037386eb8afe86fee310555c6cf5a1ed.exe"C:\Users\Admin\AppData\Local\Temp\ad1cbe205954a376de542fe8cdd6e971037386eb8afe86fee310555c6cf5a1ed.exe"1⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
memory/2952-0-0x0000000000880000-0x0000000000881000-memory.dmpFilesize
4KB