metasploit | 9321b65c7154812d0c79ce0780fecea005c503d74b3775bb457b287593cfdd92 | Triage

Submit
Reports

Overview

overview

Static

static

reverse.exe

windows7-x64

reverse.exe

windows10-2004-x64

Analysis

max time kernel
150s
max time network
157s
platform
windows10-2004_x64
resource
win10v2004-20231023-en
resource tags

arch:x64arch:x86image:win10v2004-20231023-enlocale:en-usos:windows10-2004-x64system
submitted
17/11/2023, 21:42

Sharing

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

reverse.exe

Resource

win7-20231023-en

metasploit backdoor trojan

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

reverse.exe

Resource

win10v2004-20231023-en

metasploit backdoor trojan

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

reverse.exe
Size

7KB
MD5

783a0f507b27f25489101cb3bcc3b3d8
SHA1

153eb52c1996b23124e330cbace600f011c98872
SHA256

9321b65c7154812d0c79ce0780fecea005c503d74b3775bb457b287593cfdd92
SHA512

b74e65a47f119966a56ffb172d2311a4333a00879f78cc91940db6cdc4632e17cd47ca0188d5076f8a1674ad32b09fdfe762857178765f23515f62227d1e421b
SSDEEP

24:eFGStrJ9u0/63uYnZdkBQAV2GY+1KLqBxeNDMSCvOXpmB:is0nskBQR+1vSD9C2kB

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

metasploit_stager

C2

153.127.59.134:10001

Signatures

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit

Processes

C:\Users\Admin\AppData\Local\Temp\reverse.exe
"C:\Users\Admin\AppData\Local\Temp\reverse.exe"
1⤵
PID:4312

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4312-0-0x0000000140000000-0x0000000140004278-memory.dmp

Filesize
16KB

Download

© 2018-2025

Terms | Privacy