metasploit | 194e405f98dadc88a7041b0724e31db7a92537f200c380b0e89674177ae0a963 | Triage

Submit
Reports

Overview

overview

Static

static

hot.exe

windows7-x64

hot.exe

windows10-2004-x64

Resubmissions

Analysis

max time kernel
130s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
24-05-2024 06:08

Sharing

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

hot.exe

Resource

win7-20240215-en

metasploit backdoor trojan

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

hot.exe

Resource

win10v2004-20240426-en

metasploit backdoor trojan

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

hot.exe
Size

72KB
MD5

de9ffcf77572e26f4baa2095dfa7fb87
SHA1

210ae1175ab66311068ee5f8bcfd498ad2d04d18
SHA256

194e405f98dadc88a7041b0724e31db7a92537f200c380b0e89674177ae0a963
SHA512

1e7f29dd2c52f593ef2b23b3d19c70366bbe87126e3565fedf802c516908b4121daf3e91465f18e114dcdaa3b5bf72d52f737e9c3be952931a9f066edf9b2662
SSDEEP

1536:I1cCF7Zrxh8HXfrs04gVjdhBrMb+KR0Nc8QsJq39:EF7d8vzJhdhle0Nc8QsC9

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

185.228.139.123:4444

Signatures

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit

Processes

C:\Users\Admin\AppData\Local\Temp\hot.exe
"C:\Users\Admin\AppData\Local\Temp\hot.exe"
1⤵
PID:3844

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3844-0-0x0000000000570000-0x0000000000571000-memory.dmp

Filesize
4KB

Download

© 2018-2024

Terms | Privacy