metasploit | 430d60f453344f082985ceb2b331cabcebe3d8fdf8378920439d06cc59ec36ab

Analysis

max time kernel
140s
max time network
139s
platform
windows7_x64
resource
win7-20231129-en
resource tags

arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
submitted
05/01/2024, 12:00

Target

43a36388ef63137ec70521f8c9e4eb77.exe
Size

234KB
MD5

43a36388ef63137ec70521f8c9e4eb77
SHA1

1a75c7b4c45b15a817ed53caa6bbc2b16c4e310f
SHA256

430d60f453344f082985ceb2b331cabcebe3d8fdf8378920439d06cc59ec36ab
SHA512

d1bdd40acf4574f78c9f264d95218cfd976a5c26e50f6806130bb3a1bc16ac8964f6aaa7e8e9b65d86878b6430e9dda36b6ac92a13a10c2f5cd9f4fcc1bb4476
SSDEEP

3072:liREcnMTBlx0qclTfZZ2Ln6GSN/UmCaMnjU/Fz:liRCTBX0qSTfKLn/SN/YasUd

Score

10^/10

Family

metasploit

Version

encoder/shikata_ga_nai

Family

metasploit

Version

windows/reverse_tcp

192.168.100.53:4444

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit

C:\Users\Admin\AppData\Local\Temp\43a36388ef63137ec70521f8c9e4eb77.exe
"C:\Users\Admin\AppData\Local\Temp\43a36388ef63137ec70521f8c9e4eb77.exe"
1⤵
PID:1848

memory/1848-0-0x0000000000400000-0x000000000043C000-memory.dmp

Filesize
240KB

Download