Analysis
-
max time kernel
149s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20240910-en -
resource tags
-
submitted
13-09-2024 07:51
General
-
Target
c839dde008088199f46f3dab416fd3c19ce396202eba9b4e4e15cf8c98c3f612.exe
-
Size
150KB
-
MD5
9023bd21dc5214bc07ed03e1927d2f79
-
SHA1
0d8706c97291fde6e61260ba24ed495850ca9f11
-
SHA256
c839dde008088199f46f3dab416fd3c19ce396202eba9b4e4e15cf8c98c3f612
-
SHA512
cc0c89d38bd4312cccc6759bea3035e08a563396fadb80e5c07274c11288482b99eb8ad90c9c233379e85d1f3f17d770ac5643c29aa604a95de2ecdbb1f301fd
-
SSDEEP
3072:nXatIbKwSmEo3gRZ6xTKfY6zSQh3IVpVE9KFFGNmPRkn6Gw:qtIb93Qd13wVE9K3GNQRkn6N
Score
10/10
Malware Config
Extracted
Family
metasploit
Version
windows/reverse_tcp
C2
192.168.72.182:666
Signatures
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes
-
C:\Users\Admin\AppData\Local\Temp\c839dde008088199f46f3dab416fd3c19ce396202eba9b4e4e15cf8c98c3f612.exe"C:\Users\Admin\AppData\Local\Temp\c839dde008088199f46f3dab416fd3c19ce396202eba9b4e4e15cf8c98c3f612.exe"1⤵
- System Location Discovery: System Language Discovery
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
88KB
-
Filesize
88KB