Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240705-en -
resource tags
arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system -
submitted
05-07-2024 18:34
Behavioral task
behavioral1
Sample
a1b36b37454873c6afe0f5822e343a029b9724ee07ec6ae4243d5a688e9a84c7.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
a1b36b37454873c6afe0f5822e343a029b9724ee07ec6ae4243d5a688e9a84c7.exe
Resource
win10v2004-20240704-en
General
-
Target
a1b36b37454873c6afe0f5822e343a029b9724ee07ec6ae4243d5a688e9a84c7.exe
-
Size
47KB
-
MD5
be101f8181d00ee2196fbc988d85d7d3
-
SHA1
33ad1f1d1b139b6f2ffe3fe0c7a94f61e4ec7088
-
SHA256
a1b36b37454873c6afe0f5822e343a029b9724ee07ec6ae4243d5a688e9a84c7
-
SHA512
167b1e1e2064a3368a7c0d0fcb5883170651325bae540413fdd8b9fcca234b3c6cc598867e640c8272e68fc966dd39378259f8818bff4024ed1edbb25e7bc880
-
SSDEEP
768:IFL4OV4w9yKeW8AopyKYZ3qFYsXR/nbBgQroqWIHplBa2pcbJdWbvE0O0vfq3:IO0rbaL8rstNcqWocNdAK0Hq3
Malware Config
Extracted
metasploit
windows/reverse_http
http://89.197.154.116:7810/O6Z_Oh2DCu_X-db4sYLFEg1hYXRf_R2oUsq-2FBCe7OY5fyzWx30F0mf2_tTjbnFbloJRApsw
Signatures
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
resource yara_rule behavioral1/memory/2360-0-0x0000000000400000-0x0000000000419000-memory.dmp upx behavioral1/memory/2360-2-0x0000000000400000-0x0000000000419000-memory.dmp upx