metasploit | 3e530565b80d7f9a93e99a68ab17d6f26e5288f7112e22bff6f4c8f862f8598e

Analysis

max time kernel
149s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240412-en
resource tags

arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
submitted
22-04-2024 00:14

Target

3e530565b80d7f9a93e99a68ab17d6f26e5288f7112e22bff6f4c8f862f8598e.exe
Size

14KB
MD5

a1017ab69e81c16c8dc8e349e8545907
SHA1

b13878c502285591b13a0d514069668ef29b86a0
SHA256

3e530565b80d7f9a93e99a68ab17d6f26e5288f7112e22bff6f4c8f862f8598e
SHA512

046884c67efb56831f56f3e2e06dc765346f598ca1423f4335047683c46e99ef7df5d48d8bc2604f0bf7516e15cfcfc0e24226d8dc789bdb9ff8703613cb4059
SSDEEP

192:i3mbPYCfMcrfOIuZmvKQxtzlSIVX6NOjUBSdejDMN1:5MCfrfQ6tBSILeUN1

Score

10^/10

Family

metasploit

Version

windows/download_exec

http://192.168.199.140:80/9Ler

Attributes

headers User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0; BOIE9;ENUS)

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit

C:\Users\Admin\AppData\Local\Temp\3e530565b80d7f9a93e99a68ab17d6f26e5288f7112e22bff6f4c8f862f8598e.exe
"C:\Users\Admin\AppData\Local\Temp\3e530565b80d7f9a93e99a68ab17d6f26e5288f7112e22bff6f4c8f862f8598e.exe"
1⤵
PID:2904

memory/2904-0-0x00000000001D0000-0x00000000001D1000-memory.dmp

Filesize
4KB

Download
memory/2904-1-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/2904-3-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download