Analysis
-
max time kernel
118s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240708-en -
resource tags
arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system -
submitted
18/09/2024, 21:11
Behavioral task
behavioral1
Sample
48b5af9b40c9d14eaf91167fa6142c56fe7909db150acf3cd01dbc67be394dbc.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
48b5af9b40c9d14eaf91167fa6142c56fe7909db150acf3cd01dbc67be394dbc.exe
Resource
win10v2004-20240802-en
General
-
Target
48b5af9b40c9d14eaf91167fa6142c56fe7909db150acf3cd01dbc67be394dbc.exe
-
Size
72KB
-
MD5
73d73c024fe835926456bf9b3e319202
-
SHA1
12a217e0ee1c614aaddc3270f7a99660c1dbfa7c
-
SHA256
48b5af9b40c9d14eaf91167fa6142c56fe7909db150acf3cd01dbc67be394dbc
-
SHA512
61ea4b430ef86811ceb89aa562e1f5477ec3fa521e0dd8dd72ba2480f5af00d1071a1d71c0619c8500200f5130eec3649b57d23c49b605d9d0b28e6e3712bea8
-
SSDEEP
1536:I3waaML8Fpsfcnz5P5Fbc0ylfCkMb+KR0Nc8QsJq39:5aaq8wm5PPiCke0Nc8QsC9
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Signatures
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language 48b5af9b40c9d14eaf91167fa6142c56fe7909db150acf3cd01dbc67be394dbc.exe