General

  • Target

    7403160cc0b5c66baf0919c5979827a6

  • Size

    241KB

  • Sample

    240125-hlrmpsaef2

  • MD5

    7403160cc0b5c66baf0919c5979827a6

  • SHA1

    33654f0ed237e3dde8d2ce094c1dca952e9bd8c7

  • SHA256

    8175d65ea18612e0f05830b00fc3206d0d06b5641d3baec3e22f16753a9725d7

  • SHA512

    52463cc919df34bf503ce5781d10dcdc757cb8d82e05c6eef89ba5b66b3c4697aaa88ea9984cf8c6e88b12b3b340430735dcb108b7f68dd2d13b6cffc98ecc26

  • SSDEEP

    6144:qHrDUxK2rhRV1TYIFKM4e+hV5oWhiMr63niRurrfr:xbhRV5Ygkbh87diRur

Malware Config

Extracted

  • Family

    metasploit

  • Version

    encoder/call4_dword_xor

Targets


    • MetaSploit

      Detected a malicious payload that is part of the Metasploit Framework, likely generated with msfvenom or a similar tool.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Maps connected drives based on registry

      Disk information is often read in order to detect sandboxing environments.

    • Drops file in System32 directory
