Overview

overview

10

Static

static

6cccb5d5df...e8.exe

windows7-x64

10

6cccb5d5df...e8.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    132s
  • max time network
    147s
  • platform
    windows7_x64
  • resource
    win7-20220715-en
  • resource tags

    arch:x64arch:x86image:win7-20220715-enlocale:en-usos:windows7-x64system
  • submitted
    24-07-2022 14:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6cccb5d5df4317b9da54b45992561ec6124a1d4a95a44840cd0a31d64a29d0e8.exe

  • Size

    7KB

  • MD5

    1d8821328f9fc88c8da224d0a3e0dacb

  • SHA1

    b45c0074fd3a534287c0280b877f7d81fb9b39b5

  • SHA256

    6cccb5d5df4317b9da54b45992561ec6124a1d4a95a44840cd0a31d64a29d0e8

  • SHA512

    d178a8536d74c39ad0099838a749d9ec71c5ec0f4ef4fe9ee6a635be9d22d5028387a7bdd97c03f6b0dc1afd7b9dfec1285394ca68f99c5e1b2331c9214e39e3

Score
10/10
metasploitbackdoortrojan

Malware Config

Extracted

Family

metasploit

Version

metasploit_stager

C2

192.168.0.33:4444

Signatures

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    trojanbackdoormetasploit

Processes

  • C:\Users\Admin\AppData\Local\Temp\6cccb5d5df4317b9da54b45992561ec6124a1d4a95a44840cd0a31d64a29d0e8.exe
    "C:\Users\Admin\AppData\Local\Temp\6cccb5d5df4317b9da54b45992561ec6124a1d4a95a44840cd0a31d64a29d0e8.exe"
    1⤵
      PID:288

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/288-54-0x0000000140000000-0x00000001400042A0-memory.dmp

      Filesize

      16KB

      Download