metasploit | 013bb5ea2d163409cdad34f882c151db05da4e4dcd50fe68049f27e6e4454694 | Triage

Submit
Reports

Overview

overview

Static

static

a7385206a5...67.exe

windows7_x64

a7385206a5...67.exe

windows10_x64

Analysis

max time kernel
146s
max time network
152s
platform
windows10_x64
resource
win10v20201028
submitted
19-11-2020 13:15

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

a7385206a51f983247ee46f08d750167.exe

Resource

win7v20201028

metasploit backdoor trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

a7385206a51f983247ee46f08d750167.exe

Resource

win10v20201028

metasploit backdoor trojan

windows10_x64

0 signatures

0 seconds

Report Analysis Logs

General

Target

a7385206a51f983247ee46f08d750167.exe
Size

308KB
MD5

a7385206a51f983247ee46f08d750167
SHA1

c311c6a3bbb7a3cdaea4aff121a57eb928f3d0a6
SHA256

013bb5ea2d163409cdad34f882c151db05da4e4dcd50fe68049f27e6e4454694
SHA512

e61a7a95947a827bf51714e2ec26b7365e5311d76ca576ff1aa33ec8b3b06576e821643c968ed7cfd396daaa9988a97a6533b81c5c95955e8002ee151c77a96b

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://tcpsessionsconnect.com:443/sKJT

Signatures

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit

Processes

C:\Users\Admin\AppData\Local\Temp\a7385206a51f983247ee46f08d750167.exe
"C:\Users\Admin\AppData\Local\Temp\a7385206a51f983247ee46f08d750167.exe"
1⤵
PID:1304

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1304-0-0x0000000000540000-0x0000000000541000-memory.dmp

Filesize
4KB

Download

© 2018-2024

Terms | Privacy