metasploit | a12f989c4d2259bd58487c97cd17fe3d36b2bd91d4a0ace9f3dd07cb8f8dd686 | Triage

Submit
Reports

Overview

overview

Static

static

reverse.exe

windows7-x64

reverse.exe

windows10-2004-x64

Analysis

max time kernel
156s
max time network
173s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
12-10-2023 03:02

Sharing

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

reverse.exe

Resource

win7-20230831-en

metasploit backdoor trojan

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

reverse.exe

Resource

win10v2004-20230915-en

metasploit backdoor trojan

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

reverse.exe
Size

72KB
MD5

d0159349934aeb698f8c74f0f105ad82
SHA1

66135c4184120f051719a470336edb49caa3dcc1
SHA256

a12f989c4d2259bd58487c97cd17fe3d36b2bd91d4a0ace9f3dd07cb8f8dd686
SHA512

10477dd83299ba070dcea1024115b42e69ac2ae3c320a2967f1cf5367c23f1bbea0762222b562245a960f38ea5859822f2f1fdf91516d6730c2e84d6f1c43b98
SSDEEP

1536:IgAP1X5Wr628C6KZq9e8Mb+KR0Nc8QsJq39:XAP/W22DY9e8e0Nc8QsC9

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

34.142.247.189:4444

Signatures

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit

Processes

C:\Users\Admin\AppData\Local\Temp\reverse.exe
"C:\Users\Admin\AppData\Local\Temp\reverse.exe"
1⤵
PID:2560

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2560-0-0x0000000000870000-0x0000000000871000-memory.dmp

Filesize
4KB

Download

© 2018-2025

Terms | Privacy