Analysis

  • max time kernel
    147s
  • max time network
    148s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240220-en locale:en-us os:windows7-x64 system
  • submitted
    20-04-2024 12:21

General

  • Target

    123.exe

  • Size

    72KB

  • MD5

    bdef7408bf3cbfe6092e7d2eb60d338f

  • SHA1

    abee68ec1d7885585b63008dae23f23a800a8b56

  • SHA256

    73a266c516feb79d3ee190ad0ec0d72a838d020017a2478b82929372481dac24

  • SHA512

    2ce1337b55bad61e5c9d4b82ebe9bddeed5e4a6f10bab755aa125512fa8d0ffef6861e7b71bd367f156d27a42aba2b1250c67fb13b6498c056656ba959644d30

  • SSDEEP

    1536:IiHeF+V7dOUF5vVIEzJlAAiMj/7iI1XLMb+KR0Nc8QsJq39:z6+Vhv5vzzJWM3iIVLe0Nc8QsC9

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

192.168.0.110:4444

Signatures

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

Processes

  • C:\Users\Admin\AppData\Local\Temp\123.exe
    "C:\Users\Admin\AppData\Local\Temp\123.exe"
      PID:2792

    Downloads

    • memory/2792-0-0x0000000000020000-0x0000000000021000-memory.dmp
      Filesize

      4KB