metasploit | 4a32c7476c7e47a2fdf64a9a8e7acd5d8f8d1605d790a9de024cf6d5637e3c71

Analysis

max time kernel
139s
max time network
154s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
19-05-2024 10:26

Target

4a32c7476c7e47a2fdf64a9a8e7acd5d8f8d1605d790a9de024cf6d5637e3c71.exe
Size

14KB
MD5

013850312785e04d5e28d62d6eeaddd5
SHA1

5da1890a5ecbf1b4c989f624d933d20f9f652756
SHA256

4a32c7476c7e47a2fdf64a9a8e7acd5d8f8d1605d790a9de024cf6d5637e3c71
SHA512

f448af10ce00ccdad4e9ce8d6845af61d2985caf431beaf6f1799f486fb4de0fe38f7946fa197a98d48e9879cb8ad518245866cce6f8cb497ac88299a756a227
SSDEEP

192:z3mbPYCfMcrfOIuZmvKQxtzlSIVX6NOZrhejDMN1:aMCfrfQ6tBSIrheUN1

Score

10^/10

Family

metasploit

Version

windows/download_exec

http://43.139.160.164:7080/7xu8

Attributes

headers User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; BTRS125526)

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit

C:\Users\Admin\AppData\Local\Temp\4a32c7476c7e47a2fdf64a9a8e7acd5d8f8d1605d790a9de024cf6d5637e3c71.exe
"C:\Users\Admin\AppData\Local\Temp\4a32c7476c7e47a2fdf64a9a8e7acd5d8f8d1605d790a9de024cf6d5637e3c71.exe"
1⤵
PID:4996

memory/4996-0-0x00000000001D0000-0x00000000001D1000-memory.dmp

Filesize
4KB

Download
memory/4996-1-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/4996-3-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download