Analysis
-
max time kernel
106s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20241010-en -
resource tags
-
submitted
08-11-2024 06:21
General
-
Target
b5075a404c269308efca2018adb6b605d6417240dc1567e474da956999c950ceN.exe
-
Size
72KB
-
MD5
90e8dcc0e970ab9c74d398a6476e98f0
-
SHA1
6561e562c967fae1e0fdf08e8d6b89fdc57fbe76
-
SHA256
b5075a404c269308efca2018adb6b605d6417240dc1567e474da956999c950ce
-
SHA512
bd7e03930276fc9816a97d93261302605999f81a3beb4d1fc4981f5ea0f62db2c41061414c611f0cb6fbc22e2812be7d60c83bc764c48fddaac42c8c5c33bcf2
-
SSDEEP
1536:IdH+St/eARs+QYIPT9hRPdkApMb+KR0Nc8QsJq39:vSt/eADtwT9hkApe0Nc8QsC9
Score
10/10
Malware Config
Extracted
Family
metasploit
Version
windows/reverse_tcp
C2
192.168.106.132:8080
Signatures
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Metasploit family
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes
-
C:\Users\Admin\AppData\Local\Temp\b5075a404c269308efca2018adb6b605d6417240dc1567e474da956999c950ceN.exe"C:\Users\Admin\AppData\Local\Temp\b5075a404c269308efca2018adb6b605d6417240dc1567e474da956999c950ceN.exe"1⤵
- System Location Discovery: System Language Discovery
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
4KB