Analysis

  • max time kernel
    148s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
  • submitted
    22-06-2024 20:45

General

  • Target

    3dd164bf9356a68e93e510ee3409cc344d7055242dffcd953bd4dcca7d9abc6f.exe

  • Size

    7KB

  • MD5

    1a04f3e12e6479b20644dc434d922664

  • SHA1

    9e3061830060f4aecfc94e4c39e5366ff07edbf9

  • SHA256

    3dd164bf9356a68e93e510ee3409cc344d7055242dffcd953bd4dcca7d9abc6f

  • SHA512

    d6e1bc835e26f4744b4c59e4add719629f51529366802ddc4d04f5327a866878beee4d7ae6f64d6aaf184667888ac0765ed6dd85bbbcff7e8e3ea5d19f75f47e

  • SSDEEP

    24:eFGStrJ9u0/6uYnZdkBQAVK3Wqq9KZq1eNDMSCvOXpmB:is0LskBQvw93SD9C2kB

Malware Config

Extracted

Family

metasploit

Version

metasploit_stager

C2

192.168.150.101:9999

Signatures

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

Processes

  • C:\Users\Admin\AppData\Local\Temp\3dd164bf9356a68e93e510ee3409cc344d7055242dffcd953bd4dcca7d9abc6f.exe
    "C:\Users\Admin\AppData\Local\Temp\3dd164bf9356a68e93e510ee3409cc344d7055242dffcd953bd4dcca7d9abc6f.exe"
    1⤵
      PID:1208

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1208-0-0x0000000140000000-0x0000000140004278-memory.dmp

      Filesize

      16KB