Analysis
-
max time kernel
105s -
max time network
94s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
07-11-2024 13:46
General
-
Target
b8347f71d6671005dc16c195b6ea5e5636eb073c318ddbfaafbb4d182fc98e0eN.exe
-
Size
72KB
-
MD5
8e4468001fee33a441826bd8b7b37b80
-
SHA1
e781ba3137a70f6e37f89baa923f6d836a14ffe0
-
SHA256
b8347f71d6671005dc16c195b6ea5e5636eb073c318ddbfaafbb4d182fc98e0e
-
SHA512
cd8b020035125df6f26fe5bfbb8719d2a0f2b778f087b3298b7f9dd542cb3c0bb7d2551e08428e2d66efd97c51ac1da702befe4136c06215e73d0357c5de3b2a
-
SSDEEP
1536:II2E1PRHAHFiF9Bg9MKcL/JXfBmWMb+KR0Nc8QsJq39:RBHAHFK92mTJNe0Nc8QsC9
Score
10/10
Malware Config
Extracted
Family
metasploit
Version
windows/shell_reverse_tcp
C2
190.120.228.115:4444
Signatures
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Metasploit family
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes
-
C:\Users\Admin\AppData\Local\Temp\b8347f71d6671005dc16c195b6ea5e5636eb073c318ddbfaafbb4d182fc98e0eN.exe"C:\Users\Admin\AppData\Local\Temp\b8347f71d6671005dc16c195b6ea5e5636eb073c318ddbfaafbb4d182fc98e0eN.exe"1⤵
- System Location Discovery: System Language Discovery
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
4KB