Analysis
max time kernel: 104s
max time network: 141s
platform: windows10-2004_x64
resource: win10v2004-20250314-en
resource tags: arch:x64, arch:x86, image:win10v2004-20250314-en, locale:en-us, os:windows10-2004-x64, system
submitted: 27/03/2025, 05:16
Static task: static1
Behavioral task: behavioral1
Sample: 910f08368c08b139a951918b47ac7e0a23ca8f461bb319538ad17916819255bf.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: 910f08368c08b139a951918b47ac7e0a23ca8f461bb319538ad17916819255bf.exe
Resource: win10v2004-20250314-en
General
Target: 910f08368c08b139a951918b47ac7e0a23ca8f461bb319538ad17916819255bf.exe
Size: 101KB
MD5: acd127570e0b879782b2419590e51efe
SHA1: d73f0445d15d05d5702b920a0e78b1cf4fb80003
SHA256: 910f08368c08b139a951918b47ac7e0a23ca8f461bb319538ad17916819255bf
SHA512: 62ddfe1ef1328c6c6b5109d8adb0965c8fa8570c2f491723f6db0c47703b4a59ba8bb47125d779276fc22eef67908349e198f4e160174fb3d18d7d79316e54f2
SSDEEP: 3072:NcvEtWJiOhjSfQepzDy6LFyw5Er9iv4woOY86QN4m:ekoOieor9MB
Malware Config
Extracted family: metasploit
Payload: windows/download_exec
URL: http://162.14.110.99:54333/AtcD
Headers: User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0; BOIE9;ENUS)
Signatures
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Metasploit family
System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
Description: Key opened
IoC: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: 910f08368c08b139a951918b47ac7e0a23ca8f461bb319538ad17916819255bf.exe