Analysis
-
max time kernel
95s -
max time network
102s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
-
submitted
18-11-2024 12:56
General
-
Target
f251768f2c40c06729bfed16ac6310f5f5c9dd6a236cbe8239a2cb16810ae24c.exe
-
Size
15KB
-
MD5
668c03a107e49387e5fd22c9748ff16d
-
SHA1
59fbf420e00ad1a7ff5d17c6545423900327d4c4
-
SHA256
f251768f2c40c06729bfed16ac6310f5f5c9dd6a236cbe8239a2cb16810ae24c
-
SHA512
b84e746c5ebf68c6071466c177801a62a27687b132b231d470fa4553f733ff9053f9d402b9f9ea4104139214730bc7d6c5e4364d6e3a90605ceb3c42fb8cc432
-
SSDEEP
96:5NW2nVVyXhorAlhNHc2BywoAJPQYi3K1DntAfdomPdHWsyz7w7bp:risAlh9pBpbtQYQK5YouI1s7bp
Score
10/10
Malware Config
Extracted
Family
metasploit
Version
windows/shell_bind_tcp
Signatures
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Metasploit family
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes
-
C:\Users\Admin\AppData\Local\Temp\f251768f2c40c06729bfed16ac6310f5f5c9dd6a236cbe8239a2cb16810ae24c.exe"C:\Users\Admin\AppData\Local\Temp\f251768f2c40c06729bfed16ac6310f5f5c9dd6a236cbe8239a2cb16810ae24c.exe"1⤵
- System Location Discovery: System Language Discovery
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
36KB
-
Filesize
36KB