metasploit | 68bb17cec2ebb9e71fe2540139a6684a05bdbe1076e5629c9364455dfee2be54

Analysis

max time kernel
149s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20231222-en
resource tags

arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
submitted
06-01-2024 22:02

Target

68bb17cec2ebb9e71fe2540139a6684a05bdbe1076e5629c9364455dfee2be54.exe
Size

14KB
MD5

5901ffd81bc7cf0b482d1787db90b35f
SHA1

d4641af5d76f4f9009720c01b26fd5eec267191d
SHA256

68bb17cec2ebb9e71fe2540139a6684a05bdbe1076e5629c9364455dfee2be54
SHA512

05c39fe60512efe6139c16aa7c10adf0371683add9542a4828d850356248f04c29af61dddeeda6dd6d9476565c4aa178ef9799d8075cfe9e811a4d05fc645ded
SSDEEP

192:L3mbPYCfMcrfOIuZmvKQxtzlSIVX6NOxn2cYmo72oejDMN1:yMCfrfQ6tBSIfVYmo7peUN1

Score

10^/10

Family

metasploit

Version

windows/download_exec

http://192.168.19.133:80/NIxM

Attributes

headers User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0; MAGWJS)

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit

C:\Users\Admin\AppData\Local\Temp\68bb17cec2ebb9e71fe2540139a6684a05bdbe1076e5629c9364455dfee2be54.exe
"C:\Users\Admin\AppData\Local\Temp\68bb17cec2ebb9e71fe2540139a6684a05bdbe1076e5629c9364455dfee2be54.exe"
1⤵
PID:3016

memory/3016-0-0x0000000000100000-0x0000000000101000-memory.dmp

Filesize
4KB

Download
memory/3016-1-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/3016-3-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download