Analysis
-
max time kernel
105s -
max time network
113s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
-
submitted
16-12-2024 15:05
General
-
Target
a68188e5baab5f84f49515e58d56cdc4d679a0e0f11eeeb9a540692b0946d346N.exe
-
Size
72KB
-
MD5
fa66f1e2a3b9a2a7fce2f4d7b890d550
-
SHA1
c82a62c1f964ca818e7cbe6eb1b6005fa3f89d9d
-
SHA256
a68188e5baab5f84f49515e58d56cdc4d679a0e0f11eeeb9a540692b0946d346
-
SHA512
48fc972a4c4dacae235ed5e3723f6bd6326689b5d8af5a0d8823771c1e51c4f787e504fa911f7fafd29dcde1fc7a6b6c75c2aa6ed6d1d7107079ebba6f843eb4
-
SSDEEP
1536:IWxAnFGUK3FJKK0S6nczUi0rLVjeenf3HG6Mb+KR0Nc8QsJq39:5xwGUCf1q5LfVe0Nc8QsC9
Score
10/10
Malware Config
Extracted
Family
metasploit
Version
windows/reverse_tcp
C2
10.10.9.41:8888
Signatures
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Metasploit family
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes
-
C:\Users\Admin\AppData\Local\Temp\a68188e5baab5f84f49515e58d56cdc4d679a0e0f11eeeb9a540692b0946d346N.exe"C:\Users\Admin\AppData\Local\Temp\a68188e5baab5f84f49515e58d56cdc4d679a0e0f11eeeb9a540692b0946d346N.exe"1⤵
- System Location Discovery: System Language Discovery
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
4KB