metasploit | 47a778e80efbe683d7fe6cedaaf538d5c31107dc9d110351f18bd3882fa95673 | Triage

Submit
Reports

Overview

overview

Static

static

3

47a778e80e...73.exe

windows7-x64

1

47a778e80e...73.exe

windows10-2004-x64

Analysis

max time kernel
143s
max time network
157s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
21-04-2024 21:16

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

47a778e80efbe683d7fe6cedaaf538d5c31107dc9d110351f18bd3882fa95673.exe

Resource

win7-20240221-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

47a778e80efbe683d7fe6cedaaf538d5c31107dc9d110351f18bd3882fa95673.exe

Resource

win10v2004-20240226-en

metasploit backdoor trojan

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

47a778e80efbe683d7fe6cedaaf538d5c31107dc9d110351f18bd3882fa95673.exe
Size

72KB
MD5

66b06121146fb3cd9d61a8992668dd8b
SHA1

052010c68e55c6fd0fe87f9b4ca75cfb2e0a0b58
SHA256

47a778e80efbe683d7fe6cedaaf538d5c31107dc9d110351f18bd3882fa95673
SHA512

e446d1fcb7732dd5047f0de895f4e3f48d4e8925690650fcdc6be136f06c2e1e8fb8b511d9133841ca031ef5a9d991ab0527f1d262b162d3c0a00116dc03812b
SSDEEP

1536:Iq2xFgaZikt/LdN7dM9LsKLr9GI5MgyFMb+KR0Nc8QsJq39:R2xb59n7C9FX9tMgce0Nc8QsC9

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/fnstenv_mov

Signatures

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit

Processes

C:\Users\Admin\AppData\Local\Temp\47a778e80efbe683d7fe6cedaaf538d5c31107dc9d110351f18bd3882fa95673.exe
"C:\Users\Admin\AppData\Local\Temp\47a778e80efbe683d7fe6cedaaf538d5c31107dc9d110351f18bd3882fa95673.exe"
1⤵
PID:4744

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=1408 --field-trial-handle=2276,i,5697607538120380977,9987005253899555344,262144 --variations-seed-version /prefetch:8
1⤵
PID:968

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4744-0-0x0000000000490000-0x0000000000491000-memory.dmp

Filesize
4KB

Download

© 2018-2024

Terms | Privacy