metasploit | c4231eeedc4fd41bbfab2656580b0677c7dfbfd1481a3aeea47af5e176754d20

Analysis

max time kernel
134s
max time network
155s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
11/10/2023, 06:10

Target

c4231eeedc4fd41bbfab2656580b0677c7dfbfd1481a3aeea47af5e176754d20.exe
Size

36KB
MD5

aec1548cd32bcbbf6136a915e22cd446
SHA1

ca12522a4f1fcb8a0293c14415054bbe017f84a8
SHA256

c4231eeedc4fd41bbfab2656580b0677c7dfbfd1481a3aeea47af5e176754d20
SHA512

5ae92a0a746454bb20d12974a84ae77e8509a767fe53d6b7ef6cefcbfc3f8ebacd44ada0c0d30868f45b83a010c563e2e4fc3876cefa8056902d897bad14eb0f
SSDEEP

384:5wMZNMmMg7pMj0pdO3e+jCBwPhVZcDdFB8AHYw:5wMgPgVMj0pENhVmBFB8T

Score

10^/10

Family

metasploit

Version

windows/download_exec

http://123.60.171.65:7878/WhFW

Attributes

headers User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; MANM)

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit

C:\Users\Admin\AppData\Local\Temp\c4231eeedc4fd41bbfab2656580b0677c7dfbfd1481a3aeea47af5e176754d20.exe
"C:\Users\Admin\AppData\Local\Temp\c4231eeedc4fd41bbfab2656580b0677c7dfbfd1481a3aeea47af5e176754d20.exe"
1⤵
PID:4720

memory/4720-0-0x0000000000330000-0x000000000034F000-memory.dmp

Filesize
124KB

Download
memory/4720-1-0x0000000001450000-0x0000000001451000-memory.dmp

Filesize
4KB

Download
memory/4720-2-0x0000000000330000-0x000000000034F000-memory.dmp

Filesize
124KB

Download