Analysis
max time kernel
105s
max time network
119s
platform
windows7_x64
resource
win7-20241010-en
resource tags
arch:x64 arch:x86 image:win7-20241010-en locale:en-us os:windows7-x64 system
submitted
25-11-2024 06:09
Behavioral task
behavioral1
Sample
3cacf0654a57ff781cc7ae7b38aff2c038cb845473905ec2ace68972b41d422cN.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
3cacf0654a57ff781cc7ae7b38aff2c038cb845473905ec2ace68972b41d422cN.exe
Resource
win10v2004-20241007-en
General
Target
3cacf0654a57ff781cc7ae7b38aff2c038cb845473905ec2ace68972b41d422cN.exe
Size
72KB
MD5
1cf179e93366cef479c15a068a11fd90
SHA1
b3bf3c34c1abbe05f476c542c32f794919d86a3b
SHA256
3cacf0654a57ff781cc7ae7b38aff2c038cb845473905ec2ace68972b41d422c
SHA512
a2df0c3f6e05caa1fe0490cd413719d89091dfb39fccf2f5e1f52d213615db58b9f4193aa5bba6d659e1713548770fbc65fd73f521deb5bafd9002d22b9cc0f8
SSDEEP
1536:IsYZQxnqbz5toWGchY0Y7Mj7YqfqLHMb+KR0Nc8QsJq39:hSGqbz5xs7o1fqDe0Nc8QsC9
Malware Config
Extracted
metasploit
windows/reverse_tcp
192.168.1.1:22
Signatures
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Metasploit family
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
description
Key opened
ioc
\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process
3cacf0654a57ff781cc7ae7b38aff2c038cb845473905ec2ace68972b41d422cN.exe