Analysis

  • max time kernel
    147s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240426-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240426-en locale:en-us os:windows10-2004-x64 system
  • submitted
    15-05-2024 08:14

General

  • Target

    level2.exe

  • Size

    17KB

  • MD5

    b33671101b91df7eed20f8d09d2c3098

  • SHA1

    d38fd250275c85e76a438c5f79617b915dd3cff9

  • SHA256

    f643dc8d53ed53a2287c0c101867f73e7d7f60e74fc602c79f95f88a79279684

  • SHA512

    c3777506612ad1a48ebe636083dea6286720114c2e8e78cb308640f3870cb44b43ce7f4db50a4e16f12b08d763b66365f6606f773912e7ce1d20a3ac3041c8c3

  • SSDEEP

    192:LTowfoTZGB5VEvxRqM6aDql9xFezQiABg1g+FM5NooqlUUKiaAws681e3Q5XfMc6:LToPtGBsvxzzDYOQ/B+NW5NpHx3j

Malware Config

Extracted

Family

metasploit

Version

metasploit_stager

C2

192.168.122.1:31337

Signatures

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

Processes

  • C:\Users\Admin\AppData\Local\Temp\level2.exe
    "C:\Users\Admin\AppData\Local\Temp\level2.exe"
      PID:3672

    Downloads

    • memory/3672-0-0x000001682F1F0000-0x000001682F1F1000-memory.dmp
      Filesize

      4KB