metasploit | b3db745668a1b882a48a6f5f97f3524f6b31114f138edb182b2894303f425288

Analysis

max time kernel
141s
max time network
145s
platform
windows7_x64
resource
win7-20240221-en
resource tags

arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
submitted
06-05-2024 05:51

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

lol.exe
Size

72KB
MD5

e135fa9a71dec3a960c3d731d1645177
SHA1

c5db1787485a285cfbea66c0c392352aecea7f65
SHA256

95a2dfc7b16a6017ecd82f6acd368ccbdd3a932ac4168cadbe9676ec9f537d67
SHA512

a46984478e5267c7704ad93e4354baea9bcafc0a3f231334e5e0b5a68e3458d931b9f3ebcc1098b04ac092ed5335456eb8a3a1160ead2ba5bbc6030abdb2924b
SSDEEP

1536:IBq3u01QQTN4mhggQhoNOcgK3CuscMFMb+KR0Nc8QsJq39:P+02Q6mhVQhPcn+VFe0Nc8QsC9

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_http

http://79.131.106.35:4443/p6-554zfUv74CfkIow8KNAF8plvlnNQjzVTtInW-l2IgliMjYhITaPECiUyr54ABKKUdRhCdNpRVLh_Vqi_zYCXORWU4Yj5wyczYFirrwehVu3WDq8t-5oirmGBVwOZWtsF56TBJl3e4i5WR-hkNc8JENWhjDVBjCoS5DcBRiJVWmybvPloFIEhABIVCJsOsKuTnr0QqRejxiisy8l8XRYsYwajFkPdjkAebwGbwJPZp7U6

Signatures

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit

C:\Users\Admin\AppData\Local\Temp\lol.exe
"C:\Users\Admin\AppData\Local\Temp\lol.exe"
1⤵
PID:2208

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2208-0-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download