Analysis
-
max time kernel
147s -
max time network
148s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
14-11-2024 01:26
General
-
Target
aaf0e4c95885e873653512f8960b638afffd1d75baa7643b5aef0af639eebff9.exe
-
Size
72KB
-
MD5
b67fa90f16305df7456b9e9c1cc524e7
-
SHA1
3ba77e55ce1e78287e7302b88530eb9e7b0d31e0
-
SHA256
aaf0e4c95885e873653512f8960b638afffd1d75baa7643b5aef0af639eebff9
-
SHA512
eb87d2c48765c14905fc9a78579b14e9e7c1dca82b46f48cffad4f463813ab431c0347014f84fb4bcf4c2c8c3f4c29e3671e76eb285e1b3f1092b274aee4621d
-
SSDEEP
1536:IrAFRruPSLO3oeEXiOn+q7MAx2PY3w2aMb+KR0Nc8QsJq39:6AFRqP134iOn+q7Wyw2ae0Nc8QsC9
Score
10/10
Malware Config
Extracted
Family
metasploit
Version
windows/reverse_tcp
C2
192.168.127.251:8080
Signatures
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Metasploit family
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes
-
C:\Users\Admin\AppData\Local\Temp\aaf0e4c95885e873653512f8960b638afffd1d75baa7643b5aef0af639eebff9.exe"C:\Users\Admin\AppData\Local\Temp\aaf0e4c95885e873653512f8960b638afffd1d75baa7643b5aef0af639eebff9.exe"1⤵
- System Location Discovery: System Language Discovery
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
4KB