Analysis

  • max time kernel
    28s
  • max time network
    30s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64 arch:x86 image:win7-20230220-en locale:en-us os:windows7-x64 system
  • submitted
    12/06/2023, 11:51 UTC

General

  • Target

    09648199.exe

  • Size

    72KB

  • MD5

    a0e3f3007c3be658ba7629b9b3a187dd

  • SHA1

    c69c38668ce4eadf2c546ee605187d3affe89951

  • SHA256

    426d8158c48d4852ebbbff53de071fc7f4abaa14f52364b0ff5b63cc206327ce

  • SHA512

    8fcbf7fc82e5772daa754bd41143591fdfd1d71f40146b84a760c1369a99f0f1226eb6de1f1ba856f4186995cbb552aed459a360984c783a948abc4190334a3b

  • SSDEEP

    1536:IeRUTzpuLpxh95SO4KLph2L1vHMb+KR0Nc8QsJq39:9RgSxhNph2LVHe0Nc8QsC9

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

159.223.189.221:4444

Signatures

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

Processes

  • C:\Users\Admin\AppData\Local\Temp\09648199.exe
    "C:\Users\Admin\AppData\Local\Temp\09648199.exe"
    1⤵
      PID:2028

    Network

    • 159.223.189.221:4444
      09648199.exe
      1.5kB
      1.2kB
      30
      30

    Downloads

    • memory/2028-54-0x0000000000020000-0x0000000000021000-memory.dmp

      Filesize

      4KB
