Analysis
-
max time kernel
131s -
max time network
140s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system -
submitted
04-11-2024 03:54
Behavioral task
behavioral1
Sample
1e4d37512b9fe533da0d4763b577e8cb.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
1e4d37512b9fe533da0d4763b577e8cb.exe
Resource
win10v2004-20241007-en
General
-
Target
1e4d37512b9fe533da0d4763b577e8cb.exe
-
Size
72KB
-
MD5
1e4d37512b9fe533da0d4763b577e8cb
-
SHA1
bce2b775648f3934aedb82a5af8dd0be23619e6c
-
SHA256
33e05850ad449beeb23a9b18edb84402394f1a1ed4aaa2e72100e790797e813e
-
SHA512
c71b800ac7ebf59b96cd2f638a479d116a83df7f16c0fa487cda7b23a4963bf6e7c04c73548cc55699363fdac7e1d2d4142c2a89eed64906b329aaea4f2f65be
-
SSDEEP
1536:IC3D9YWhdDGNzMulvrjmSPHqmMb+KR0Nc8QsJq39:/9Y0ExMcraSPHhe0Nc8QsC9
Malware Config
Extracted
metasploit
encoder/shikata_ga_nai
Signatures
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Metasploit family
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language 1e4d37512b9fe533da0d4763b577e8cb.exe