metasploit | 0dd40fe630ecb852099bbbcda53d9e137a65b4414ab876159beb86bcf562f256 | Triage

Submit
Reports

Overview

overview

Static

static

tmp.exe

windows7-x64

tmp.exe

windows10-2004-x64

Analysis

max time kernel
139s
max time network
156s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
10/04/2024, 19:34

Sharing

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

tmp.exe

Resource

win7-20240319-en

metasploit backdoor trojan

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

tmp.exe

Resource

win10v2004-20240226-en

metasploit backdoor trojan

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

tmp.exe
Size

72KB
MD5

157a98fa945374e37a3f02b8e5282914
SHA1

efe42ed93cba4fe8d66000fab738965ac3a07e29
SHA256

0dd40fe630ecb852099bbbcda53d9e137a65b4414ab876159beb86bcf562f256
SHA512

6c7034447c8a76a36b90f4dba0c6d099481d329c83f25a699eec71d71072ad97bdf9c4c5bce781f87744bdb98f2a49704874b2f64e5694ef6b3dd381fdeee538
SSDEEP

1536:ItBYbt/kFbdUxHkV6yX2PAPH1rXmeAtjw6mMb+KR0Nc8QsJq39:uObtcFBp5FH1rXjkjwNe0Nc8QsC9

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

20.151.94.183:4453

Signatures

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit

Processes

C:\Users\Admin\AppData\Local\Temp\tmp.exe
"C:\Users\Admin\AppData\Local\Temp\tmp.exe"
1⤵
PID:3672

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=5164 --field-trial-handle=3084,i,4016110471176367543,14287608422419064331,262144 --variations-seed-version /prefetch:8
1⤵
PID:4448

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3672-0-0x0000000000770000-0x0000000000771000-memory.dmp

Filesize
4KB

Download

© 2018-2025

Terms | Privacy