metasploit | d31c3152837a19700b108291ab821b3b06a9459dda12cb90267bfd6d2090a377 | Triage

Analysis

max time kernel
133s
max time network
146s
platform
windows7_x64
resource
win7-20230220-en
resource tags

arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
submitted
15/03/2023, 20:42

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

4dad41d722ac8507714ce138b72bf96c.exe
Size

72KB
MD5

4dad41d722ac8507714ce138b72bf96c
SHA1

91105b00a10b13525d8f3d1428fc147851e7da6e
SHA256

d31c3152837a19700b108291ab821b3b06a9459dda12cb90267bfd6d2090a377
SHA512

4ac8a1b5341f6e43538a5ff0c4c2402952882a66f9e5c9aab8be3f6d6cae5bb07ee096eb810e579824d8a583828724cbf2ccc7c45d6442c5908f3bf1e8968fe1
SSDEEP

1536:IwX1x33bD7f4+YlOUnkBHgg6WFMb+KR0Nc8QsJq39:Vf37fTUkHggze0Nc8QsC9

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

3.137.123.63:28193

Signatures

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit

C:\Users\Admin\AppData\Local\Temp\4dad41d722ac8507714ce138b72bf96c.exe
"C:\Users\Admin\AppData\Local\Temp\4dad41d722ac8507714ce138b72bf96c.exe"
1⤵
PID:1720

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1720-54-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download