Analysis
-
max time kernel
106s -
max time network
99s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
18-09-2024 03:18
General
-
Target
f08abad2b96bb059189a3258bb1d63667a9c62e2a495dbb485c7637b8e55e7dcN.exe
-
Size
69KB
-
MD5
88d46627ccb5f46eaa13981f188065b0
-
SHA1
fc2d8a08d271e32d3f136fe7b44bf16f7bca681d
-
SHA256
f08abad2b96bb059189a3258bb1d63667a9c62e2a495dbb485c7637b8e55e7dc
-
SHA512
ed97ee5924520052be42bf29b5bae1392fd3b6a3c0ba0a9fa33eda09e268178ff36ae65065a02a1f46e501f68c649ef17954371b97c12fc048335d6f59ca366f
-
SSDEEP
1536:O4/pDCeWOVsc2yw1BnPp+kJUEbooPRrKKRA2wSX:dpDC7iV2yop+kJltZrpRA1SX
Score
10/10
Malware Config
Extracted
Family
metasploit
Version
windows/shell_reverse_tcp
C2
61.147.111.180:59822
Signatures
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes
-
C:\Users\Admin\AppData\Local\Temp\f08abad2b96bb059189a3258bb1d63667a9c62e2a495dbb485c7637b8e55e7dcN.exe"C:\Users\Admin\AppData\Local\Temp\f08abad2b96bb059189a3258bb1d63667a9c62e2a495dbb485c7637b8e55e7dcN.exe"1⤵
- System Location Discovery: System Language Discovery
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
4KB
-
Filesize
4KB