metasploit | 4c32d37b3cdcd4c345012a832191192b05dda501f444aa5d4ce17037b36eac23 | Triage

Analysis

max time kernel
18s
max time network
119s
platform
windows10_x64
resource
win10v20201028
submitted
28-11-2020 01:05

Sharing

Report Analysis Logs

General

Target

166.exe
Size

14KB
MD5

d04c8789ef1d1c939eeddf843ffc3d23
SHA1

6ba8e4a6d3006876cece1e105da552f04ed2d77c
SHA256

4c32d37b3cdcd4c345012a832191192b05dda501f444aa5d4ce17037b36eac23
SHA512

7cc16141428f9617f078e39a61f769bdf2a78f1c8c552b0f3f0e67035bc27e3bf37fd12bbb613970319f9fe1189e90090c8636a786d6880b805bf38a868028a3

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://185.153.199.166:80/pj8J

Attributes

headers User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; BOIE9;NLNL)

Signatures

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit

C:\Users\Admin\AppData\Local\Temp\166.exe
"C:\Users\Admin\AppData\Local\Temp\166.exe"
1⤵
PID:4680

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4680-2-0x0000000000030000-0x0000000000031000-memory.dmp

Filesize
4KB

Download