Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240708-en -
resource tags
arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system -
submitted
21-09-2024 01:41
Behavioral task
behavioral1
Sample
e7cbdd679455c484919c5622700a889a7d1b0ce703a4d0cdf0a7f7757fd3e266.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
e7cbdd679455c484919c5622700a889a7d1b0ce703a4d0cdf0a7f7757fd3e266.exe
Resource
win10v2004-20240802-en
General
-
Target
e7cbdd679455c484919c5622700a889a7d1b0ce703a4d0cdf0a7f7757fd3e266.exe
-
Size
72KB
-
MD5
b6b77de46fac92727df6141f2699e398
-
SHA1
be808d5da9cf24e42707cce421e260c055314c75
-
SHA256
e7cbdd679455c484919c5622700a889a7d1b0ce703a4d0cdf0a7f7757fd3e266
-
SHA512
1ffbb3bd6ad0a4e0cd03bdfdfdfa4bbb15f5c7ab636ecd4d9500096f8c8808dd2b57e3432fbf9d218f23d44b8fea12920f763afc6ec3104b219d22c0ebe24a41
-
SSDEEP
1536:Ir+j0SQCQTGEx6NuQ9oQzpXlnsd+GMb+KR0Nc8QsJq39:600nTGEx6MooQzhpjGe0Nc8QsC9
Malware Config
Extracted
metasploit
windows/reverse_tcp
89.197.154.116:7810
Signatures
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language e7cbdd679455c484919c5622700a889a7d1b0ce703a4d0cdf0a7f7757fd3e266.exe