Analysis
-
max time kernel
106s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20241010-en -
resource tags
-
submitted
22-11-2024 18:49
General
-
Target
419963ad21256cf115661f8a783b6cd274c5c32c6358dd5152da31ec8e5ada01N.exe
-
Size
72KB
-
MD5
756f487d3cd0a3fad3ca40d32fa12a60
-
SHA1
f8f0f96dd155e9c63a3c18776a497f21acc99cac
-
SHA256
419963ad21256cf115661f8a783b6cd274c5c32c6358dd5152da31ec8e5ada01
-
SHA512
63f5bbe53e0a2804968f4c3f21fef991891c2bb0d58b1b7e06349e9345f5a5118b8ad6e429275a7a15b12cb944c3412dd0a7061358f52e648e800889ecb473b5
-
SSDEEP
1536:Ip2FBWkGQR9XUAIDuY1dibdyDDThMb+KR0Nc8QsJq39:A2ukb9kvuGdibdynThe0Nc8QsC9
Score
10/10
Malware Config
Extracted
Family
metasploit
Version
windows/reverse_tcp
C2
192.168.5.213:4446
Signatures
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Metasploit family
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes
-
C:\Users\Admin\AppData\Local\Temp\419963ad21256cf115661f8a783b6cd274c5c32c6358dd5152da31ec8e5ada01N.exe"C:\Users\Admin\AppData\Local\Temp\419963ad21256cf115661f8a783b6cd274c5c32c6358dd5152da31ec8e5ada01N.exe"1⤵
- System Location Discovery: System Language Discovery
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
4KB