Analysis
-
max time kernel
106s -
max time network
116s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system -
submitted
21-12-2024 22:58
Behavioral task
behavioral1
Sample
70497bada46a1cf9557c2c749dde07a86e7704b4f300ec0665928cab00018ac7N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
70497bada46a1cf9557c2c749dde07a86e7704b4f300ec0665928cab00018ac7N.exe
Resource
win10v2004-20241007-en
General
-
Target
70497bada46a1cf9557c2c749dde07a86e7704b4f300ec0665928cab00018ac7N.exe
-
Size
72KB
-
MD5
d67cf1185c24a192f5cc4fae6e8e4a30
-
SHA1
15899a1dd7c1a1354d4936a848737a966a89559a
-
SHA256
70497bada46a1cf9557c2c749dde07a86e7704b4f300ec0665928cab00018ac7
-
SHA512
ef4e7dd31d2d5046e381c8b4f9c7099a749aed89f54d1f6c61496e65dab01ef5dffa0769ef407a0ea41c44aa1fe5b70082feb9ea000250d3105c7181704251c2
-
SSDEEP
1536:IfizxyZmYxeuofx16zZOMb9fBKYs+OF4Mb+KR0Nc8QsJq39:bzsZmieuofX6zZ13s+64e0Nc8QsC9
Malware Config
Extracted
metasploit
windows/reverse_tcp
192.168.0.106:5555
Signatures
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Metasploit family
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
description ioc Process Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language 70497bada46a1cf9557c2c749dde07a86e7704b4f300ec0665928cab00018ac7N.exe