metasploit | 74fb788e4405f8a8aeba15f88cf316479548f9727a6f9a75ec8def34a530f75e

Analysis

max time kernel
144s
max time network
156s
platform
windows7_x64
resource
win7-20221111-en
resource tags

arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
submitted
29/11/2022, 07:44

Target

74fb788e4405f8a8aeba15f88cf316479548f9727a6f9a75ec8def34a530f75e.exe
Size

216KB
MD5

e700d4f113b0463aadfcf94b13caa67a
SHA1

097326fea43754383db1092e82631cb5b557c73a
SHA256

74fb788e4405f8a8aeba15f88cf316479548f9727a6f9a75ec8def34a530f75e
SHA512

5452da056bc2bcfcf223140a2500e512b8a53e1237a6b006100644fa37bb94d0f0971a2643cd25b8969222e56ae939dc71a03f7d3215ae2f3c6920202d6c3b6b
SSDEEP

3072:zHS9aUqpGuDrQ4H+PBV/d+Ql38oAdubOd9cfeBiguSUIVWyJKMdqd0iQMqN8GQc/:zHdPXuMQlDSubOHrigZUqDJ00D6GQH

Score

10^/10

Family

metasploit

Version

encoder/shikata_ga_nai

Family

metasploit

Version

windows/shell_reverse_tcp

192.168.86.129:443

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit

C:\Users\Admin\AppData\Local\Temp\74fb788e4405f8a8aeba15f88cf316479548f9727a6f9a75ec8def34a530f75e.exe
"C:\Users\Admin\AppData\Local\Temp\74fb788e4405f8a8aeba15f88cf316479548f9727a6f9a75ec8def34a530f75e.exe"
1⤵
PID:1324

memory/1324-54-0x0000000074F01000-0x0000000074F03000-memory.dmp

Filesize
8KB

Download
memory/1324-55-0x0000000000400000-0x0000000000453000-memory.dmp

Filesize
332KB

Download
memory/1324-56-0x0000000000400000-0x0000000000453000-memory.dmp

Filesize
332KB

Download