Overview

overview

10

Static

static

10

96ee6f493a...9d.exe

windows7-x64

10

96ee6f493a...9d.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    150s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    08/01/2024, 23:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    96ee6f493aa2d4d806828e8d72baa1e7064d03c08e8f244c71e9c94a9830619d.exe

  • Size

    101KB

  • MD5

    ed98bf7c3250a016272ed50a296df826

  • SHA1

    1797f6087c7bcd53acd6af8adec978eb3ada9688

  • SHA256

    96ee6f493aa2d4d806828e8d72baa1e7064d03c08e8f244c71e9c94a9830619d

  • SHA512

    b621d654c90e092f81acc7a2b81541e0484840e7235ce694d48bcc51a41174f85cf12f42e503b47244668d4f69e9abb93fed6bd0d5d7ed481c8b4482f38aa54c

  • SSDEEP

    1536:4gfyUym97SukSaErDY1TpKwbukSaErD/1Tp3:R97yG/YTKwFG//T3

Score
10/10
metasploitbackdoortrojan

Malware Config

Extracted

Family

metasploit

Version

metasploit_stager

C2

192.168.24.117:4444

Signatures

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    trojanbackdoormetasploit

Processes

  • C:\Users\Admin\AppData\Local\Temp\96ee6f493aa2d4d806828e8d72baa1e7064d03c08e8f244c71e9c94a9830619d.exe
    "C:\Users\Admin\AppData\Local\Temp\96ee6f493aa2d4d806828e8d72baa1e7064d03c08e8f244c71e9c94a9830619d.exe"
    1⤵
      PID:1996

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1996-0-0x0000000000400000-0x000000000041CC5E-memory.dmp

      Filesize

      115KB

      Download