metasploit | 618e641017a7e9e05f8b3725c33842960d81e77a74fcfd59710b563ba643a849

Analysis

max time kernel
130s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
30-03-2024 20:02

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

618e641017a7e9e05f8b3725c33842960d81e77a74fcfd59710b563ba643a849.exe
Size

72KB
MD5

c7f615807c1eebbc86f256c6645ae62d
SHA1

6fbd0b4356663aca75813668316e91d661894548
SHA256

618e641017a7e9e05f8b3725c33842960d81e77a74fcfd59710b563ba643a849
SHA512

1377a96b5c1e3aa708232d0ead649c50c8530adcab4b2a65911f7b3162c142683cdd725abed19887257f61a11a593f4e3f184217d3821ff0534d407d1eea84d6
SSDEEP

1536:I/7JqdcTKsHHK3xRXNAXNAtU0NpIjMb+KR0Nc8QsJq39:W7JscTKsHq3NwAHpMe0Nc8QsC9

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_http

http://10.0.2.15:8080/s-LzZqARVMZrS2pKDU4ZsAzR2ydVAWV_iTXh_bLY0yUF3XA9YpQcfHr0PEVHcI927mcahdihLd924j-9SV0oeEzlxPBayKewpxt_eeX2fNLWQIusTgaN--L7mUYK7X39nla1DDeBmfrkb4r4-4txYiuNq896-c7MJMrCqIg_KSwbJLEBs1gk852yDY9CMuh

Signatures

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit

C:\Users\Admin\AppData\Local\Temp\618e641017a7e9e05f8b3725c33842960d81e77a74fcfd59710b563ba643a849.exe
"C:\Users\Admin\AppData\Local\Temp\618e641017a7e9e05f8b3725c33842960d81e77a74fcfd59710b563ba643a849.exe"
1⤵
PID:3632

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3632-0-0x0000000000670000-0x0000000000671000-memory.dmp

Filesize
4KB

Download