metasploit | e65859d18047e2f4a37d4dfc0bbf52c91eab2de03336ec9bfdd1b28fc4404874 | Triage

Analysis

max time kernel
134s
max time network
141s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
06-01-2024 10:24

Sharing

Report Analysis Logs

General

Target

3cd73cef386d459c94ad333d9afbdd21.exe
Size

320KB
MD5

3cd73cef386d459c94ad333d9afbdd21
SHA1

2cba9cf96baa6a47494e9d38e3ff9645b9e6e2bc
SHA256

e65859d18047e2f4a37d4dfc0bbf52c91eab2de03336ec9bfdd1b28fc4404874
SHA512

46ff8cc57b90d42754056b3d3f1bc5bcbcae10b8134f66d49dcff4c281f242a8860fc2427af488525fb0bf51494259527ac9bc37ba0d17d72372c18e8e202723
SSDEEP

6144:LoYkAATvc9J/awIq6k7Et+IvtYcqadxSb6Nl9vX:5QZLyeGcqadxSuNXvX

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

92.253.102.95:4444

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Signatures

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit

C:\Users\Admin\AppData\Local\Temp\3cd73cef386d459c94ad333d9afbdd21.exe
"C:\Users\Admin\AppData\Local\Temp\3cd73cef386d459c94ad333d9afbdd21.exe"
1⤵
PID:2852

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2852-0-0x0000000000400000-0x000000000047B000-memory.dmp

Filesize
492KB

Download
memory/2852-1-0x0000000000230000-0x0000000000231000-memory.dmp

Filesize
4KB

Download
memory/2852-2-0x0000000000400000-0x000000000047B000-memory.dmp

Filesize
492KB

Download