Analysis
-
max time kernel
122s -
max time network
124s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system -
submitted
15-11-2024 18:07
Behavioral task
behavioral1
Sample
Beefy.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
Beefy.exe
Resource
win10v2004-20241007-en
General
-
Target
Beefy.exe
-
Size
72KB
-
MD5
8d644c8cb9c08d33b5efc8e05a8f11dd
-
SHA1
a49b9fd9d7f04bdac19a86b622e4e569bb1650e1
-
SHA256
af345887a4ce62f171ce80e9b33e15162084005c0822043cfb98d184f59564c2
-
SHA512
6a76a8a0d51d39d4a9d0c3fc8d3e4d9fc02447d581aa4e3764d1954aa24af2cbf1aa226501a2ceb77fb2bf17f7e782a71762bf80f4fda706e58b8eb5a928da61
-
SSDEEP
1536:IJ38g1mLWXgJRsdNQBGPkDKfYgPP3VUoMb+KR0Nc8QsJq39:rg1mqgJ+iKln3/e0Nc8QsC9
Malware Config
Extracted
metasploit
windows/reverse_http
http://89.197.154.116:7810/zSdh2fOnHbxXsVawMIWCYACx57hqb-0HPJ9d_yJc3uEhyk7nmoL6t7VGArbUPm32BG-
Signatures
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Metasploit family
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes:
Beefy.exedescription ioc Process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language Beefy.exe