Analysis
max time kernel: 147s
max time network: 148s
platform: windows7_x64
resource: win7-20240903-en
resource tags: arch:x64, arch:x86, image:win7-20240903-en, locale:en-us, os:windows7-x64, system
submitted: 26/03/2025, 12:09
Behavioral task: behavioral1
Sample: eda7de543b8702f222066978cc5c67a97aaeab52ccc0d85f79265f2326cc3b48.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: eda7de543b8702f222066978cc5c67a97aaeab52ccc0d85f79265f2326cc3b48.exe
Resource: win10v2004-20250313-en
General
Target: eda7de543b8702f222066978cc5c67a97aaeab52ccc0d85f79265f2326cc3b48.exe
Size: 72KB
MD5: 3f50069fedd251d2eef51703b05b4a86
SHA1: eb54f786a8be9e48bb442150c5db81dec1345829
SHA256: eda7de543b8702f222066978cc5c67a97aaeab52ccc0d85f79265f2326cc3b48
SHA512: 8192fe5a1a8a1be3c82187fc86cf40e89371776d7bfc84a039603d3d667ceb699efb4d5ec60999aa943be7db3d93b67ce68e9d666edb2a54701e79d5114a22a5
SSDEEP: 1536:I8yFGkzANrabd9BGPiNDtBCDMb+KR0Nc8QsJq39:RWGkzAsbtGPi/Qe0Nc8QsC9
Malware Config
Extracted
metasploit
windows/reverse_tcp
192.168.1.12:4455
Signatures
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Metasploit family
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
Description: Key opened
IoC: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: eda7de543b8702f222066978cc5c67a97aaeab52ccc0d85f79265f2326cc3b48.exe