metasploit | 57356df9cd083cd31790465b9b27700a5640cad51bd955f6079cdfb6e85070a9 | Triage

Submit
Reports

Overview

overview

Static

static

shell.exe

windows7-x64

shell.exe

windows10-2004-x64

Analysis

max time kernel
138s
max time network
123s
platform
windows10-2004_x64
resource
win10v2004-20240412-en
resource tags

arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
submitted
26-04-2024 11:42

Sharing

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

shell.exe

Resource

win7-20240221-en

metasploit backdoor trojan

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

shell.exe

Resource

win10v2004-20240412-en

metasploit backdoor trojan

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

shell.exe
Size

72KB
MD5

23e866e481cd0f5df47d4476ca3d569d
SHA1

7ad8fc4769743135f453bc0dc664217bba156ca5
SHA256

57356df9cd083cd31790465b9b27700a5640cad51bd955f6079cdfb6e85070a9
SHA512

f3fd64b492900a7f6ae2ee41a66dce0c4bc2a74c2071782c526b86701091efc95643349d3d869ed2b04eeabc564f48917de1b3885adb7720087d26d03a1364c4
SSDEEP

1536:Iv/4jG+EH8wWV/q7h5E8Uz6Bcu/Kj2Xt0Mb+KR0Nc8QsJq39:y/Uhv/q7hbB/Sjst0e0Nc8QsC9

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

159.89.2.73:443

Signatures

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit

Processes

C:\Users\Admin\AppData\Local\Temp\shell.exe
"C:\Users\Admin\AppData\Local\Temp\shell.exe"
1⤵
PID:1900

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1900-0-0x0000000000590000-0x0000000000591000-memory.dmp

Filesize
4KB

Download

© 2018-2024

Terms | Privacy