Analysis
-
max time kernel
148s -
max time network
154s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
20-09-2024 04:35
General
-
Target
b69efc1884cfe63267ef7f3b8e0aff274dc31066ae09dea7c3e3ebac2168f0ddN.exe
-
Size
72KB
-
MD5
8c8bd0bd07232757d6ab091eb8f0f6e0
-
SHA1
2fb8d67b1b76194f4fdff7186bc9dc446e87c51c
-
SHA256
b69efc1884cfe63267ef7f3b8e0aff274dc31066ae09dea7c3e3ebac2168f0dd
-
SHA512
3f7c8776423bdf67410ce345094510acddc81ac2c2bca8bef3bf9a1cb5c2c6453626f524042ba60d6e138621df1738ba6ec6e62c854ae8ace04f0d1449511892
-
SSDEEP
1536:InZ2c91L/ppyNiKCHuP5tSskw+wRjBlT1Mb+KR0Nc8QsJq39:WUq1LGNiKpkIJHT1e0Nc8QsC9
Score
10/10
Malware Config
Extracted
Family
metasploit
Version
windows/reverse_tcp
C2
107.212.197.194:11448
Signatures
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes
-
C:\Users\Admin\AppData\Local\Temp\b69efc1884cfe63267ef7f3b8e0aff274dc31066ae09dea7c3e3ebac2168f0ddN.exe"C:\Users\Admin\AppData\Local\Temp\b69efc1884cfe63267ef7f3b8e0aff274dc31066ae09dea7c3e3ebac2168f0ddN.exe"1⤵
- System Location Discovery: System Language Discovery
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
4KB