Overview

overview

10

Static

static

3

cc5acd57f7...6e.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    94s
  • max time network
    97s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    11-05-2024 05:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    cc5acd57f78807bc561e8a688f5d906d5ac7beddbda48951ac561192fe1e656e.exe

  • Size

    69KB

  • MD5

    7e037c1fc278735fd34292a5e1667c77

  • SHA1

    08f8607dff533eb8602e94cc0c55093f1a2938d8

  • SHA256

    cc5acd57f78807bc561e8a688f5d906d5ac7beddbda48951ac561192fe1e656e

  • SHA512

    dba3a559cbb88c968dc1742bfa79589d58216a248f8e03177a4e8a67ddcf72ccce2381efd39bb5516bf15d923200e849f7db2e3c1a4c80888f3e1083df7b189d

  • SSDEEP

    768:WJhltaUs7FfIAkILCh2cF8+fEhCR37OikUBEDJJH7SELEgmrmQO:W9tadddZe2cUIFTkUuGixQO

Score
10/10
metasploitbackdoortrojan

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://windowshostnamehost.club:443/BCub

Signatures

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    trojanbackdoormetasploit
  • Program crash 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\cc5acd57f78807bc561e8a688f5d906d5ac7beddbda48951ac561192fe1e656e.exe
    "C:\Users\Admin\AppData\Local\Temp\cc5acd57f78807bc561e8a688f5d906d5ac7beddbda48951ac561192fe1e656e.exe"
    1⤵
      PID:2252
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 2252 -s 1916
        2⤵
        • Program crash
        PID:2712
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 2252 -ip 2252
      1⤵
        PID:4712

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/2252-0-0x0000000000660000-0x0000000000685000-memory.dmp

        Filesize

        148KB

        Download

      • memory/2252-1-0x0000000000DB0000-0x0000000000DB1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2252-2-0x0000000003870000-0x0000000003C70000-memory.dmp

        Filesize

        4.0MB

        Download

      • memory/2252-3-0x0000000000660000-0x0000000000685000-memory.dmp

        Filesize

        148KB

        Download