metasploit | 196626c4ab34aa296ba159c9f2c349a8df73a663a3d7e638e5adfe35bd5114e4 | Triage

Analysis

max time kernel
148s
max time network
152s
platform
windows7_x64
resource
win7-20230712-en
resource tags

arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
submitted
08/08/2023, 11:43

Sharing

Report Analysis Logs

General

Target

window.exe
Size

72KB
MD5

2f82af88dca9081dbd679477913b0e78
SHA1

c031a96df21563a10e1c1c15217535659640285e
SHA256

196626c4ab34aa296ba159c9f2c349a8df73a663a3d7e638e5adfe35bd5114e4
SHA512

d5ccc1ad992052c47f474fd466f0a95c4925a109f3153e82d4f004ea410ec9edbb9510b77e5905171d2c5b67f54ea3a784c486538cd3cabb600514993af92199
SSDEEP

1536:ICqSJRUJDFY9oKr2ZMHUbls8BMb+KR0Nc8QsJq39:fRU/1GKls8Be0Nc8QsC9

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

192.168.88.196:5656

Signatures

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit

C:\Users\Admin\AppData\Local\Temp\window.exe
"C:\Users\Admin\AppData\Local\Temp\window.exe"
1⤵
PID:2476

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2476-54-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download