metasploit | d0e5285fe9b088e978c509362fdf75941c77b0fb23debb887756ce5788debd1e | Triage

Submit
Reports

Overview

overview

Static

static

payload.exe

windows7-x64

payload.exe

windows10-2004-x64

Analysis

max time kernel
143s
max time network
127s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
18-03-2023 18:04

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

payload.exe

Resource

win7-20230220-en

metasploit backdoor trojan

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

payload.exe

Resource

win10v2004-20230220-en

metasploit backdoor trojan

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

payload.exe
Size

72KB
MD5

8ad29cb0f555d9d731a0297398471471
SHA1

8d0bba3ffb93f7703967a38c218ed0005d5864e2
SHA256

d0e5285fe9b088e978c509362fdf75941c77b0fb23debb887756ce5788debd1e
SHA512

5d92a5974ce2dad1d1f4f38bf536628a41dbca7958e49307db96309bd52e434fba536264ababe7f475a7393008c8993f0d7e2bfea9a1bd5c7b397e1ad74a03bc
SSDEEP

1536:IoSP4iez1x3sdxG21HpLhcm20XzBpMb+KR0Nc8QsJq39:5SP4iehx3sdcqHp+Ta9pe0Nc8QsC9

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_http

C2

http://172.104.151.130:443/Bt91Z_aOtaOQKJEp9CUxeQ55A-Te9W1q1kBEU05THKgoIlJzUnn0r5rW1QvIrDe4UODMYaV9A1AXpNtZSL8OGJK6dy8bQgz4HsUYRJ051dPi-xHYj9xMthL1SniijpYXP0lEyalFaTt0elsl2l1B

Signatures

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit

Processes

C:\Users\Admin\AppData\Local\Temp\payload.exe
"C:\Users\Admin\AppData\Local\Temp\payload.exe"
1⤵
PID:4360

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4360-133-0x0000000000560000-0x0000000000561000-memory.dmp

Filesize
4KB

Download

© 2018-2024

Terms | Privacy