metasploit | bba91dfb3b43d8d9690bf3f508bb002197a0abb6047d1fe9cafc36c08c49aab4

Analysis

max time kernel
152s
max time network
159s
platform
windows7_x64
resource
win7-20230831-en
resource tags

arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
submitted
11/10/2023, 20:07

Target

bba91dfb3b43d8d9690bf3f508bb002197a0abb6047d1fe9cafc36c08c49aab4.exe
Size

6KB
MD5

87134d2df66f9865d5e173c0c9aa9f83
SHA1

6d7be1b1add2538be3d61cc5b4cde34def26dee8
SHA256

bba91dfb3b43d8d9690bf3f508bb002197a0abb6047d1fe9cafc36c08c49aab4
SHA512

c415a87f03eb1e0874e0191621d971d263acb56fc4467190d706ca8a8470197b25db99e46e68bc543aa8b6e977a3d8f0c3dedb995a87903d1ecb70a542e1901b
SSDEEP

96:Xqhv+tzYWEvxuFHpmAiNIL9kHo2ywfyt//VzNt:KRvxCJTj6o7w2v

Score

10^/10

Family

metasploit

Version

encoder/shikata_ga_nai

Family

metasploit

Version

windows/reverse_tcp

192.168.40.129:3344

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit

C:\Users\Admin\AppData\Local\Temp\bba91dfb3b43d8d9690bf3f508bb002197a0abb6047d1fe9cafc36c08c49aab4.exe
"C:\Users\Admin\AppData\Local\Temp\bba91dfb3b43d8d9690bf3f508bb002197a0abb6047d1fe9cafc36c08c49aab4.exe"
1⤵
PID:2456

memory/2456-0-0x00000000747F0000-0x0000000074EDE000-memory.dmp

Filesize
6.9MB

Download
memory/2456-1-0x0000000000AC0000-0x0000000000AC8000-memory.dmp

Filesize
32KB

Download
memory/2456-2-0x0000000000370000-0x0000000000371000-memory.dmp

Filesize
4KB

Download
memory/2456-3-0x0000000000370000-0x0000000000371000-memory.dmp

Filesize
4KB

Download
memory/2456-4-0x00000000747F0000-0x0000000074EDE000-memory.dmp

Filesize
6.9MB

Download