Analysis
-
max time kernel
105s -
max time network
114s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
-
submitted
24-11-2024 21:56
General
-
Target
6d8112f6fb3b7137b5ec3151d7f76c52470d54fded95dfc3a37fa621b8b8e9e2.exe
-
Size
72KB
-
MD5
69661b2c08bd0f8b6934712518daf7bb
-
SHA1
3154398453a8f51665ca72fffb3402d76f0dfc02
-
SHA256
6d8112f6fb3b7137b5ec3151d7f76c52470d54fded95dfc3a37fa621b8b8e9e2
-
SHA512
23c16e064b5c5d6b3c22ab39a265f9c0d251ea54438d4b07c72249864d25215edf1e00c1a8484cfc14cd1380f8a9c884b12f36edb527534fba3d7a8c4ebb96be
-
SSDEEP
1536:IA++tJJmwo7EiROyKUTBmzNlCU63UYIp5Mb+KR0Nc8QsJq3f:jztrmwKOyK8BIlC93bge0Nc8QsCf
Score
10/10
Malware Config
Extracted
Family
metasploit
Version
windows/reverse_tcp
C2
192.168.153.1:4444
Signatures
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Metasploit family
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes
-
C:\Users\Admin\AppData\Local\Temp\6d8112f6fb3b7137b5ec3151d7f76c52470d54fded95dfc3a37fa621b8b8e9e2.exe"C:\Users\Admin\AppData\Local\Temp\6d8112f6fb3b7137b5ec3151d7f76c52470d54fded95dfc3a37fa621b8b8e9e2.exe"1⤵
- System Location Discovery: System Language Discovery
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
4KB