Overview

overview

10

Static

static

10

18b6bd8318...7f.exe

windows7-x64

10

18b6bd8318...7f.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    118s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
  • submitted
    05-04-2024 10:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    18b6bd8318f4e6b70b2f57a2b6c172d6b90b3eae1c797f4e06d8e52e9620777f.exe

  • Size

    684KB

  • MD5

    11df096574ba5a27675fb1b5dac560c3

  • SHA1

    4c76ba0da415d7d3533ea8899acf2115b6455e85

  • SHA256

    18b6bd8318f4e6b70b2f57a2b6c172d6b90b3eae1c797f4e06d8e52e9620777f

  • SHA512

    b9e66e18d2f382ae41f5f057cf4952adaf2df0a8b429816e4c4153593386d2f515d8ab42956502ab244f988f4c4173c47f652ca4c960ba0781277be030e8f4e7

  • SSDEEP

    6144:Y23p1powQbXysiYrLAzRRm/X/JD6EBkfxsjd8DP+xGoDkPKgP7Z4dR5Be5GSoU:Y2np+XylYrL+i4EBYxsCb+0oDqCH5Up

Score
10/10
metasploitbackdoortrojan

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

127.0.0.1:4445

Signatures

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    trojanbackdoormetasploit

Processes

  • C:\Users\Admin\AppData\Local\Temp\18b6bd8318f4e6b70b2f57a2b6c172d6b90b3eae1c797f4e06d8e52e9620777f.exe
    "C:\Users\Admin\AppData\Local\Temp\18b6bd8318f4e6b70b2f57a2b6c172d6b90b3eae1c797f4e06d8e52e9620777f.exe"
    1⤵
      PID:2932

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2932-0-0x0000000000240000-0x0000000000241000-memory.dmp

      Filesize

      4KB

      Download