metasploit | 8efda396c4cefd4a05b3721afa4501faa64223cd70c1e74a7c3cc30c0f6faa99

Analysis

max time kernel
140s
max time network
117s
platform
windows7_x64
resource
win7-20240215-en
resource tags

arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
submitted
06/03/2024, 11:30

Target

b74997e08e5d20f7cb926e1d25fe2c56.exe
Size

408KB
MD5

b74997e08e5d20f7cb926e1d25fe2c56
SHA1

857ae5bbe53af5af4a998939da69fdddfcb3e256
SHA256

8efda396c4cefd4a05b3721afa4501faa64223cd70c1e74a7c3cc30c0f6faa99
SHA512

7081905004a55129808739082444c267c23360268ebcfe9a008b1b6cd20138e6a1b86319cedfeb2b917e808f5bf7987757ac1d70b6ce2f82d1db0eab2a1a4a46
SSDEEP

6144:a0fuVNQIvXC5wxQQdhfV7bBtUwg1G3TfnOkcNF6g8cLYaiZSh1JP15:a0fuVnawxXdfbBtUn1G3bnQ/LsZA15

Score

10^/10

Family

metasploit

Version

encoder/shikata_ga_nai

Family

metasploit

Version

windows/reverse_tcp

192.168.1.106:1234

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit

C:\Users\Admin\AppData\Local\Temp\b74997e08e5d20f7cb926e1d25fe2c56.exe
"C:\Users\Admin\AppData\Local\Temp\b74997e08e5d20f7cb926e1d25fe2c56.exe"
1⤵
PID:1244

memory/1244-0-0x0000000000400000-0x0000000000465000-memory.dmp

Filesize
404KB

Download