metasploit | a10072a0037b23482b8e4a102a6c64de469358e8c18bf8f7aa23c9200bba848f | Triage

Analysis

max time kernel
136s
max time network
149s
platform
windows7_x64
resource
win7-20230220-en
resource tags

arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
submitted
14-03-2023 12:09

Sharing

Report Analysis Logs

General

Target

tmp.exe
Size

7KB
MD5

7cbdbf052429f6dc905b3039878b54eb
SHA1

a462b7835e15f7800ac709b85ab234972d5727aa
SHA256

a10072a0037b23482b8e4a102a6c64de469358e8c18bf8f7aa23c9200bba848f
SHA512

7c9154a1689025ea933f35a075eabc4ee8e4c6339f2062eb6446195234143e27ef6e9daf948664d168f6507a64cf5508ceee9c076d5cb70f7b001c127d56fbcd
SSDEEP

24:eFGStrJ9u0/6n1nZdkBQAVKHac+BXKtRqyeNDMSCvOXpmB:is021kBQvHR+BXKvSD9C2kB

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

metasploit_stager

C2

54.167.12.37:9001

Signatures

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit

C:\Users\Admin\AppData\Local\Temp\tmp.exe
"C:\Users\Admin\AppData\Local\Temp\tmp.exe"
1⤵
PID:2020

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2020-54-0x0000000140000000-0x0000000140004278-memory.dmp

Filesize
16KB

Download