Analysis

  • max time kernel
    118s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
  • submitted
    01-12-2024 13:00

General

  • Target

    e838929d2cd15646c7c5ecbeca160b7495b09668b64b17946abfdcd23cdfc36bN.exe

  • Size

    63KB

  • MD5

    46ef3213d29821a2c4bac9fca9990dd0

  • SHA1

    a81ab7a2914794b5e9ea92491c13d69539e59744

  • SHA256

    e838929d2cd15646c7c5ecbeca160b7495b09668b64b17946abfdcd23cdfc36b

  • SHA512

    c39998bcc2db23d79f62c323cf1e57d02096ddc1353246b22aba27b79bcaf4645fb223fe63a5fe7c7ace2f8ae7a75f5ce8f7286072a1f3b643fe386d81f0b583

  • SSDEEP

    384:sb5Dn14aBRPxi6qE3eTvaunyAYsUx0JIFItDzx1/Uq+QHzYylC9jI/QfBhQAQRPH:8BR8YGyhs0lFOXUBGTC9FBdQzA89J

Malware Config

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

192.168.235.129:1234

Signatures

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

  • Metasploit family
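
    The C2 endpoint shown under Malware Config is carried inside the payload as a hard-coded sockaddr_in immediate, which is how a config extractor recovers it without running the sample. The following is an added example (not part of this report and not Metasploit project code) that scans a byte blob for the two immediate layouts msfvenom emits for windows reverse_tcp stagers: on x86 a `push <ip>` followed by `push <AF_INET,port>`, on x64 a single `mov r12, <family:port:ip>`. The input bytes are constructed to carry 192.168.235.129:1234 and are not the analysed binary; the pattern offsets and surrounding bytes are illustrative assumptions. It also flags the address as RFC 1918, which is why an empty Network section is the expected result of detonating this sample in a sandbox.

```python
"""Recover the C2 endpoint from a Metasploit windows reverse_tcp payload.

Added example, not part of the sandbox report or of the Metasploit project.
The sample bytes are constructed; they stand in for the 63 KB binary.
"""
import ipaddress
import re
import socket
import struct

# x86 stager: push <ip>  (68 ii ii ii ii)  then  push <AF_INET, port>  (68 02 00 pp pp).
# The ip is in network byte order, AF_INET (2) is little-endian, the port is big-endian.
X86_PATTERN = re.compile(rb"\x68(?P<ip>.{4})\x68\x02\x00(?P<port>.{2})", re.DOTALL)

# x64 stager: mov r12, imm64 (49 BC) whose little-endian bytes are
# AF_INET (02 00), port (big-endian, 2 bytes), ip (network order, 4 bytes).
X64_PATTERN = re.compile(rb"\x49\xbc\x02\x00(?P<port>.{2})(?P<ip>.{4})", re.DOTALL)


def extract_c2(blob: bytes) -> list[dict]:
    """Return every candidate sockaddr_in found in blob, sorted by offset.

    Each hit records the stager architecture the pattern belongs to, the
    file offset of the instruction, the ip:port string and whether the
    address is private (RFC 1918 / loopback), i.e. unreachable from a sandbox.
    """
    hits = []
    for arch, pattern in (("x86", X86_PATTERN), ("x64", X64_PATTERN)):
        for match in pattern.finditer(blob):
            ip = socket.inet_ntoa(match.group("ip"))
            port = struct.unpack(">H", match.group("port"))[0]
            # A zero port or unspecified address is a false positive, not a C2.
            if port == 0 or ip == "0.0.0.0":
                continue
            hits.append({
                "arch": arch,
                "offset": match.start(),
                "c2": f"{ip}:{port}",
                "private": ipaddress.ip_address(ip).is_private,
            })
    return sorted(hits, key=lambda h: h["offset"])


def sockaddr_bytes(ip: str, port: int) -> bytes:
    """Encode AF_INET (little-endian), port (big-endian) and ip (network order)
    exactly as the stager immediates lay them out."""
    return b"\x02\x00" + struct.pack(">H", port) + socket.inet_aton(ip)


def build_sample() -> bytes:
    """Constructed stand-in for the report's sample (assumption, not real bytes):
    filler, an x86-style push pair, more filler, an x64-style mov r12, filler.
    Both carry the report's C2 of 192.168.235.129:1234."""
    sa = sockaddr_bytes("192.168.235.129", 1234)
    x86_fragment = b"\x68" + sa[4:] + b"\x68" + sa[:4]      # push ip ; push family/port
    x64_fragment = b"\x49\xbc" + sa                          # mov r12, imm64
    return (b"\x90" * 16 + x86_fragment + b"\x89\xe6"        # mov esi, esp
            + b"\xcc" * 8 + x64_fragment + b"\x41\x54"       # push r12
            + b"\x00" * 8)


if __name__ == "__main__":
    for hit in extract_c2(build_sample()):
        print(f"{hit['arch']} @ 0x{hit['offset']:x}: {hit['c2']} private={hit['private']}")
```

Run it over the real binary with `extract_c2(open(path, "rb").read())`. The regexes are deliberately loose (any four ip bytes, any two port bytes), so treat a hit as a candidate and confirm it against the disassembly at the reported offset; the zero-port and 0.0.0.0 filter removes the most common false positives but not all of them.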

Processes

  • C:\Users\Admin\AppData\Local\Temp\e838929d2cd15646c7c5ecbeca160b7495b09668b64b17946abfdcd23cdfc36bN.exe
    "C:\Users\Admin\AppData\Local\Temp\e838929d2cd15646c7c5ecbeca160b7495b09668b64b17946abfdcd23cdfc36bN.exe"
    1⤵
      PID:2652

    Network

    MITRE ATT&CK Matrix


    Downloads

    • memory/2652-0-0x000000013F2C0000-0x000000013F2E8000-memory.dmp

      Filesize

      160KB

    • memory/2652-1-0x000000013F2C0000-0x000000013F2E8000-memory.dmp

      Filesize

      160KB
