Analysis
-
max time kernel
95s -
max time network
139s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system -
submitted
11-11-2024 20:03
Behavioral task
behavioral1
Sample
40005fcb24f43151e5908a2fef29863b4398b212120b62b67e4976601bf77f79.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
40005fcb24f43151e5908a2fef29863b4398b212120b62b67e4976601bf77f79.exe
Resource
win10v2004-20241007-en
General
-
Target
40005fcb24f43151e5908a2fef29863b4398b212120b62b67e4976601bf77f79.exe
-
Size
72KB
-
MD5
e3ac4f4fa2e0d0d9cc80d20454d319a6
-
SHA1
3cb87b6a669598965645c752e617b1877cce9783
-
SHA256
40005fcb24f43151e5908a2fef29863b4398b212120b62b67e4976601bf77f79
-
SHA512
256d2a6a3930dee71a671c82d789a2bad0742a386f421f3ed0c558063f8d4d70fe48c4b527589c3873c8a1ffda83be21784cd9ccf63a69afd3520e28f729f7be
-
SSDEEP
1536:IJvTSdXzy9dUvDhTKjNvlfsqogqMb+KR0Nc8QsJq39:qLSZy9WTSns/e0Nc8QsC9
Malware Config
Extracted
metasploit
encoder/shikata_ga_nai
Signatures
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Metasploit family
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes:
40005fcb24f43151e5908a2fef29863b4398b212120b62b67e4976601bf77f79.exedescription ioc Process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language 40005fcb24f43151e5908a2fef29863b4398b212120b62b67e4976601bf77f79.exe