Analysis
-
max time kernel
118s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
25-11-2024 21:25
General
-
Target
7fef0da287b9ccc486ec48e0bb6821a2b4f3930a54d988fc9294adc246a24074N.exe
-
Size
72KB
-
MD5
e456eeae2a0015c0548e0d0da9cf80e0
-
SHA1
44b0cb7d6420325c2105c7e8b3439dd398e1f082
-
SHA256
7fef0da287b9ccc486ec48e0bb6821a2b4f3930a54d988fc9294adc246a24074
-
SHA512
eee1f68144e82ffcf101304102ed9b668fd008fd9a001d571b1cba0741673a71643657c400ed1e3ee6877acfde2e4350d527953098fbe855995dc81b69afe147
-
SSDEEP
1536:ISwGL2a/+jRIm79P7ZXdNePcijOhMb+KR0Nc8QsJq39:Vwra/KT7ZXL7e0Nc8QsC9
Score
10/10
Malware Config
Extracted
Family
metasploit
Version
windows/reverse_tcp
C2
192.168.242.1:4444
Signatures
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Metasploit family
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes
-
C:\Users\Admin\AppData\Local\Temp\7fef0da287b9ccc486ec48e0bb6821a2b4f3930a54d988fc9294adc246a24074N.exe"C:\Users\Admin\AppData\Local\Temp\7fef0da287b9ccc486ec48e0bb6821a2b4f3930a54d988fc9294adc246a24074N.exe"1⤵
- System Location Discovery: System Language Discovery
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
4KB