Analysis
-
max time kernel
106s -
max time network
115s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
31/12/2024, 15:25
General
-
Target
7f18795ef9dcd0618342aa93d7a1ad78fd5d207b7c8d1503cc3061fc5cf3ba97N.exe
-
Size
72KB
-
MD5
af17be0d07ce6f93626ceb4f333a80f0
-
SHA1
033fd89384017dcd2d9e185fcd408e31297f4ec6
-
SHA256
7f18795ef9dcd0618342aa93d7a1ad78fd5d207b7c8d1503cc3061fc5cf3ba97
-
SHA512
2c29949e6e32e055f3e6f448b962cbb0f12ba29b8fafe2e2560150095dfa0bcfda6fa4d0fe2a5bc4e6223b2260f2efc335f6c6ee33d9cc67a39404109618ed8f
-
SSDEEP
1536:IbAHMYKVZUuvaVuKaD3WuZBXvMAYmg+X4AlMb+KR0Nc8QsJq39:urULaDDEOFe0Nc8QsC9
Score
10/10
Malware Config
Extracted
Family
metasploit
Version
windows/reverse_tcp
C2
192.168.2.234:4444
Signatures
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Metasploit family
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
Processes
-
C:\Users\Admin\AppData\Local\Temp\7f18795ef9dcd0618342aa93d7a1ad78fd5d207b7c8d1503cc3061fc5cf3ba97N.exe"C:\Users\Admin\AppData\Local\Temp\7f18795ef9dcd0618342aa93d7a1ad78fd5d207b7c8d1503cc3061fc5cf3ba97N.exe"1⤵
- System Location Discovery: System Language Discovery
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
4KB