metasploit | e040040b65422449f0a09632d479d61af870f5568c56a6d61d7ceeb28b41a1c5 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

8

EXCELntDonut_C#.xlsm

windows7-x64

EXCELntDonut_C#.xlsm

windows10-2004-x64

1

Sharing

General

Target

EXCELntDonut_C#.xlsm
Size

166KB
Sample

220930-yxe12sefd5
MD5

6e395d5f298ca0268e4f43b7837195d5
SHA1

9f106e7846e4af5d5a460217d6f176e1ac1013fe
SHA256

e040040b65422449f0a09632d479d61af870f5568c56a6d61d7ceeb28b41a1c5
SHA512

6bf223132a4c8647f8e9769c62e8c045d849250e00a22f21b8bab08294b36c6690857c8fae2defb0f79cfd1e2eb8643ba9d93424cf89d55ec44fd5d90d0f0277
SSDEEP

3072:WojFkkaj7+OyONOdjSps+j3NUVGfzXPrNW3gnIiQjGuHmkUWBYofGUh:pRk7j7+3OEdey+jdTbXDNW3gnOmkUWBD

Score

10^/10

metasploit backdoor macro trojan xlm

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

EXCELntDonut_C#.xlsm

Resource

win7-20220901-en

metasploit backdoor trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

EXCELntDonut_C#.xlsm

Resource

win10v2004-20220812-en

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Language

xlm4.0

Source

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

192.168.1.6:1234

Targets

- Target
  
  EXCELntDonut_C#.xlsm
- Size
  
  166KB
- MD5
  
  6e395d5f298ca0268e4f43b7837195d5
- SHA1
  
  9f106e7846e4af5d5a460217d6f176e1ac1013fe
- SHA256
  
  e040040b65422449f0a09632d479d61af870f5568c56a6d61d7ceeb28b41a1c5
- SHA512
  
  6bf223132a4c8647f8e9769c62e8c045d849250e00a22f21b8bab08294b36c6690857c8fae2defb0f79cfd1e2eb8643ba9d93424cf89d55ec44fd5d90d0f0277
- SSDEEP
  
  3072:WojFkkaj7+OyONOdjSps+j3NUVGfzXPrNW3gnIiQjGuHmkUWBYofGUh:pRk7j7+3OEdey+jdTbXDNW3gnOmkUWBD
Score

10^/10

metasploit backdoor trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

© 2018-2025

Terms | Privacy