metasploit | 7031eae4a4b95dbb5d6dc3f74e54652e5eb3d2c90d20212099a5e7491f5f0b2b

Analysis

max time kernel
134s
max time network
131s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
01-10-2023 08:23

Target

7031eae4a4b95dbb5d6dc3f74e54652e5eb3d2c90d20212099a5e7491f5f0b2b.exe
Size

37KB
MD5

c594c5493da4ea8ff6183ddd84314413
SHA1

1f97e3771f71e85e263c08138c5822cd5cf5e9b8
SHA256

7031eae4a4b95dbb5d6dc3f74e54652e5eb3d2c90d20212099a5e7491f5f0b2b
SHA512

e40ecb264602bc609cd6ed8d2e82142ab62678e312bf36954c3627285b01e02c9a9b1d5628ecbf50f04c7b3285da04881fc962351eaff200c3d1f46c950a9260
SSDEEP

384:s0CFBZdQ8ZfmsxLYenWnpPO0sfjLxr4wPhVZwaBl7qHTRxj:sDFBZ+8NHxLYkWnpWT1hVvBl7mRp

Score

10^/10

Family

metasploit

Version

windows/download_exec

http://123.60.171.65:7878/FtRP

Attributes

headers User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; BOIE9;ENUS)

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit

C:\Users\Admin\AppData\Local\Temp\7031eae4a4b95dbb5d6dc3f74e54652e5eb3d2c90d20212099a5e7491f5f0b2b.exe
"C:\Users\Admin\AppData\Local\Temp\7031eae4a4b95dbb5d6dc3f74e54652e5eb3d2c90d20212099a5e7491f5f0b2b.exe"
1⤵
PID:984

memory/984-0-0x0000000000890000-0x00000000008AF000-memory.dmp

Filesize
124KB

Download
memory/984-1-0x00000000005D0000-0x00000000005D1000-memory.dmp

Filesize
4KB

Download
memory/984-3-0x0000000000890000-0x00000000008AF000-memory.dmp

Filesize
124KB

Download