metasploit | 426d8158c48d4852ebbbff53de071fc7f4abaa14f52364b0ff5b63cc206327ce | Triage

Analysis

max time kernel
28s
max time network
30s
platform
windows7_x64
resource
win7-20230220-en
resource tags

arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
submitted
12-06-2023 11:51

Sharing

Report Analysis Logs

General

Target

09648199.exe
Size

72KB
MD5

a0e3f3007c3be658ba7629b9b3a187dd
SHA1

c69c38668ce4eadf2c546ee605187d3affe89951
SHA256

426d8158c48d4852ebbbff53de071fc7f4abaa14f52364b0ff5b63cc206327ce
SHA512

8fcbf7fc82e5772daa754bd41143591fdfd1d71f40146b84a760c1369a99f0f1226eb6de1f1ba856f4186995cbb552aed459a360984c783a948abc4190334a3b
SSDEEP

1536:IeRUTzpuLpxh95SO4KLph2L1vHMb+KR0Nc8QsJq39:9RgSxhNph2LVHe0Nc8QsC9

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

159.223.189.221:4444

Signatures

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit

C:\Users\Admin\AppData\Local\Temp\09648199.exe
"C:\Users\Admin\AppData\Local\Temp\09648199.exe"
1⤵
PID:2028

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2028-54-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download