Analysis
-
max time kernel
112s -
max time network
19s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
16-09-2024 20:27
General
-
Target
win2.exe
-
Size
14KB
-
MD5
0397e3b0fe0fd048b752cbe847d732ff
-
SHA1
81bff4802cffb9bf2090124a2b1c3ab476d19491
-
SHA256
585ac1b647fccc7d813be126371457e7826085b96fa8f6f46a30a68f43e49209
-
SHA512
11f2bf8490f0f33881061aee5a15a28dd6584ea870bc6dd6a593c7660d46c5a133eae4a42fdc0ac400059300dd78007a30d7328b4ffc22cfa39d4342c48e6ab3
-
SSDEEP
192:AaH+DgGK83SxHn2OQ/dmBI4KBfTgir+xzWWKlX7bqUqV/Qjo7AGa:A2+kGKqbOCdWIVBff+xzMvfCXAn
Score
10/10
Malware Config
Extracted
Family
metasploit
Version
windows/download_exec
C2
http://107.172.29.162:9988/tXHH
Attributes
- headers User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Signatures
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes
-
C:\Users\Admin\AppData\Local\Temp\win2.exe"C:\Users\Admin\AppData\Local\Temp\win2.exe"1⤵
- System Location Discovery: System Language Discovery
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
4KB
-
Filesize
36KB