metasploit | eca04626386ed44a1f7024e0a0b8af126b2e211823054a34f7d77a7d92540ec9 | Triage

Analysis

max time kernel
128s
max time network
132s
platform
windows7_x64
resource
win7v20201028
submitted
17-11-2020 15:20

Sharing

Report Analysis Logs

General

Target

d75bf112a0f7b47a854ac2bdb9ef910c.exe
Size

2.9MB
MD5

1181c8e6ffb5000a73ac9e5a42d54d4b
SHA1

00b64c60aaa577baf384d828605ec724d5b837ce
SHA256

eca04626386ed44a1f7024e0a0b8af126b2e211823054a34f7d77a7d92540ec9
SHA512

c6d7a3daaaf8db1e2034ccc4fee7f83c0e994621464840eacf456165c758b62f151b38a2a93a7ea06fea4e2e12b1e954c1b7232c766b3a78ae98d77133390dba

Score

10^/10

metasploit backdoor trojan upx

Malware Config

Signatures

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit

UPX packed file 3 IoCs

Detects executables packed with UPX/modified UPX open source packer.

Processes:

resource	yara_rule
behavioral1/memory/2028-0-0x0000000000400000-0x0000000000A1B000-memory.dmp	upx
behavioral1/memory/2028-1-0x0000000000400000-0x0000000000A1B000-memory.dmp	upx
behavioral1/memory/2028-2-0x0000000000400000-0x0000000000A1B000-memory.dmp	upx

C:\Users\Admin\AppData\Local\Temp\d75bf112a0f7b47a854ac2bdb9ef910c.exe
"C:\Users\Admin\AppData\Local\Temp\d75bf112a0f7b47a854ac2bdb9ef910c.exe"
1⤵
PID:2028

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1996-3-0x000007FEF63F0000-0x000007FEF666A000-memory.dmp

Filesize
2.5MB

Download
memory/2028-0-0x0000000000400000-0x0000000000A1B000-memory.dmp

Filesize
6.1MB

Download
memory/2028-1-0x0000000000400000-0x0000000000A1B000-memory.dmp

Filesize
6.1MB

Download
memory/2028-2-0x0000000000400000-0x0000000000A1B000-memory.dmp

Filesize
6.1MB

Download