metasploit | 2784464e93f1f7cc843abbe2a9cbc4762c6846cb900004218df08bc33b3e65d4 | Triage

Submit
Reports

Overview

overview

Static

static

2784464e93...d4.exe

windows7-x64

2784464e93...d4.exe

windows10-2004-x64

$PLUGINSDI...ns.dll

windows7-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows7-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

$PLUGINSDI...gs.dll

windows7-x64

3

$PLUGINSDI...gs.dll

windows10-2004-x64

3

Analysis

max time kernel
125s
max time network
130s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
14-05-2024 11:16

Sharing

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

2784464e93f1f7cc843abbe2a9cbc4762c6846cb900004218df08bc33b3e65d4.exe

Resource

win7-20240221-en

metasploit backdoor trojan

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

2784464e93f1f7cc843abbe2a9cbc4762c6846cb900004218df08bc33b3e65d4.exe

Resource

win10v2004-20240508-en

metasploit backdoor trojan

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral3

Sample

$PLUGINSDIR/InstallOptions.dll

Resource

win7-20240221-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral4

Sample

$PLUGINSDIR/InstallOptions.dll

Resource

win10v2004-20240508-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral5

Sample

$PLUGINSDIR/System.dll

Resource

win7-20240419-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral6

Sample

$PLUGINSDIR/System.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral7

Sample

$PLUGINSDIR/nsDialogs.dll

Resource

win7-20240220-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral8

Sample

$PLUGINSDIR/nsDialogs.dll

Resource

win10v2004-20240426-en

windows10-2004-x64

2 signatures

150 seconds

Report Analysis Logs

General

Target

2784464e93f1f7cc843abbe2a9cbc4762c6846cb900004218df08bc33b3e65d4.exe
Size

4.5MB
MD5

55e68911f4b89bf6c79c7b16e1c4032a
SHA1

d71e38bc5e4bc0a62bbdb1aa8121c4ba2721cad6
SHA256

2784464e93f1f7cc843abbe2a9cbc4762c6846cb900004218df08bc33b3e65d4
SHA512

d4aed7783e95593346da8a89991e229f3cf03cb98779d4d46489532b5461951a67a00c3c20d7303f7a052f2642e1e86ddc330620087b37d1cf2c0f99536bd268
SSDEEP

98304:Mlv23ay/mq1BjDtkQ079UKTzY32d6xayyNzped9HziQTQwFYT:mSay+q1HKUKcZxayyGd9HFkvT

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Signatures

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit

Processes

C:\Users\Admin\AppData\Local\Temp\2784464e93f1f7cc843abbe2a9cbc4762c6846cb900004218df08bc33b3e65d4.exe
"C:\Users\Admin\AppData\Local\Temp\2784464e93f1f7cc843abbe2a9cbc4762c6846cb900004218df08bc33b3e65d4.exe"
1⤵
PID:2440

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=3760,i,15140928051103392835,1612840580898364401,262144 --variations-seed-version --mojo-platform-channel-handle=4376 /prefetch:8
1⤵
PID:1292

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2440-0-0x00000000005D0000-0x00000000005D1000-memory.dmp

Filesize
4KB

Download

© 2018-2024

Terms | Privacy