Analysis
-
max time kernel
105s -
max time network
116s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system -
submitted
21-09-2024 04:32
Static task
static1
Behavioral task
behavioral1
Sample
92d2dd23680c17a3a5e05903fcb11b9b0a6aada98692d9960890d10c86f431c3N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
92d2dd23680c17a3a5e05903fcb11b9b0a6aada98692d9960890d10c86f431c3N.exe
Resource
win10v2004-20240802-en
General
-
Target
92d2dd23680c17a3a5e05903fcb11b9b0a6aada98692d9960890d10c86f431c3N.exe
-
Size
72KB
-
MD5
a2b83d00e8eb10603bfb923903b4cb40
-
SHA1
4d0a32d72eee4036213263936eb3bdd6eeda7944
-
SHA256
92d2dd23680c17a3a5e05903fcb11b9b0a6aada98692d9960890d10c86f431c3
-
SHA512
e52dc78e21291a4fec47f654bdf65f75643f276db2b5ce483bcab2f67307d2ad0ba2db76a44103b4af0387cd9c27cd5d7e856d19d2b0e62bb332ab8a2a992387
-
SSDEEP
1536:IjuLBrBC7SQ4S2LLUl4Gf7Gn3ABMb+KR0Nc8QsJq39:iErBJq4E6Se0Nc8QsC9
Malware Config
Extracted
metasploit
encoder/shikata_ga_nai
Signatures
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language 92d2dd23680c17a3a5e05903fcb11b9b0a6aada98692d9960890d10c86f431c3N.exe