Analysis
- max time kernel: 94s
- max time network: 95s
- platform: windows10-2004_x64
- resource: win10v2004-20240802-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20240802-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 23-09-2024 03:43
Behavioral task: behavioral1
- Sample: 9db966bf3a884645a56cdb0a004bcd2e5366ba3dae90189f44725753c431dd18.exe
- Resource: win7-20240903-en
Behavioral task: behavioral2
- Sample: 9db966bf3a884645a56cdb0a004bcd2e5366ba3dae90189f44725753c431dd18.exe
- Resource: win10v2004-20240802-en
General
- Target: 9db966bf3a884645a56cdb0a004bcd2e5366ba3dae90189f44725753c431dd18.exe
- Size: 10KB
- MD5: 5d156f39dc25a47a9a89baf5348cde03
- SHA1: 16cd13d4233666fd36b82daf2327bd9bb9490a15
- SHA256: 9db966bf3a884645a56cdb0a004bcd2e5366ba3dae90189f44725753c431dd18
- SHA512: 08538601306cb76452510152fa209bebe1afd8fc4708a259c034f96f8fc03b3341c010fe76c494e24fa81936b80cecdab8658e9b8d044ab6c0d866375b14716f
- SSDEEP: 192:ywRj17XuBWRHUjYxWJdzjOQ1eYGIZcu7E5pz6fMTMQ+:HDuBYHL0JdzjPsYGISu7aMp
Malware Config
Extracted
metasploit
windows/download_exec
http://192.168.100.102:82/INSr
- headers User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0; Touch; MALCJS)
Signatures
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
- System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
  Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
  description: Key opened
  ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
  process: 9db966bf3a884645a56cdb0a004bcd2e5366ba3dae90189f44725753c431dd18.exe