Analysis
-
max time kernel
105s -
max time network
118s -
platform
windows10-2004_x64 -
resource
win10v2004-20240802-en -
resource tags
arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system -
submitted
19-09-2024 22:13
Behavioral task
behavioral1
Sample
6c0154444703160d4160479e4cf3643439c5259ff04c892408752fed64790a0dN.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
6c0154444703160d4160479e4cf3643439c5259ff04c892408752fed64790a0dN.exe
Resource
win10v2004-20240802-en
General
-
Target
6c0154444703160d4160479e4cf3643439c5259ff04c892408752fed64790a0dN.exe
-
Size
72KB
-
MD5
3dbc62ae13743894c9ac76851dfe6510
-
SHA1
665dd0e372b5888214c2315899d870dab988a0ca
-
SHA256
6c0154444703160d4160479e4cf3643439c5259ff04c892408752fed64790a0d
-
SHA512
827c4c81dc5eacd23308986aea5c3fe7bafdc7823e0ed5fe69fdd1ed4c2a5328151a980d98b746b0bee48594cd247937166eabedad7eb6a602978602c8845bc4
-
SSDEEP
1536:IXVqHonUrtonGEyNDP+GTWga11+OMb+KR0Nc8QsJq39:yVqH6XnGJWgie0Nc8QsC9
Malware Config
Extracted
metasploit
windows/reverse_tcp
122.4.211.85:10608
Signatures
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language 6c0154444703160d4160479e4cf3643439c5259ff04c892408752fed64790a0dN.exe