metasploit | 581161958f310fcd2d2290fcc19e96f6147ec54c823716a254ce736456bd6e20 | Triage

Submit
Reports

Overview

overview

Static

static

mmcrs.exe

windows7-x64

mmcrs.exe

windows10-2004-x64

Analysis

max time kernel
140s
max time network
155s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
19-09-2023 05:55

Sharing

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

mmcrs.exe

Resource

win7-20230831-en

metasploit backdoor trojan

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

mmcrs.exe

Resource

win10v2004-20230915-en

metasploit backdoor trojan

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

mmcrs.exe
Size

72KB
MD5

2a4ff8bcbfbc729836f391285cd25262
SHA1

9b1a1aa9f2d22ac8c4406ce7cec5c0904a53b6b9
SHA256

581161958f310fcd2d2290fcc19e96f6147ec54c823716a254ce736456bd6e20
SHA512

86811e7fbaecf226418c0a2f08e42a2af548544152fcb21658f5fb5c07e93b7b058ab61e41b983e77831fcc24062c412325befdcba7e87a177221c608b618bc2
SSDEEP

1536:IX1pw9BfVP3K35LodC0vESMb+KR0Nc8QsJq39:iO9JVvuME0vESe0Nc8QsC9

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

161.97.172.47:443

Signatures

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit

Processes

C:\Users\Admin\AppData\Local\Temp\mmcrs.exe
"C:\Users\Admin\AppData\Local\Temp\mmcrs.exe"
1⤵
PID:5092

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/5092-0-0x0000000000870000-0x0000000000871000-memory.dmp

Filesize
4KB

Download

© 2018-2024

Terms | Privacy