metasploit | 083a504054bf5034a40c863a4d1dd489a89fa50cc944f8c71994ec3292e95248

Analysis

max time kernel
132s
max time network
127s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
30-05-2024 01:01

Target

083a504054bf5034a40c863a4d1dd489a89fa50cc944f8c71994ec3292e95248.exe
Size

7KB
MD5

b3e1688a68a66cf3844242de091a1dde
SHA1

4c062dd8b7fc98610b9d631d4bbb082f787abb3b
SHA256

083a504054bf5034a40c863a4d1dd489a89fa50cc944f8c71994ec3292e95248
SHA512

a0ba2400d61fbfddf5348f3d009d3f702816597710e847ec370193ec3d6de16e39fc3b90c4a884bddaa07bea1b28866c182cf01e6db80464ec9d6b1effa530ec
SSDEEP

24:eFGStrJ9u0/6hQnZdkBQAVn1Y+BXKLqdeNDMSCvOXpmB:is0wEkBQAq+BX9SD9C2kB

Score

10^/10

Family

metasploit

Version

metasploit_stager

94.139.242.7:5454

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit

C:\Users\Admin\AppData\Local\Temp\083a504054bf5034a40c863a4d1dd489a89fa50cc944f8c71994ec3292e95248.exe
"C:\Users\Admin\AppData\Local\Temp\083a504054bf5034a40c863a4d1dd489a89fa50cc944f8c71994ec3292e95248.exe"
1⤵
PID:3916

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=4356,i,4686244434963378549,11462511444150484980,262144 --variations-seed-version --mojo-platform-channel-handle=3656 /prefetch:8
1⤵
PID:1020

memory/3916-0-0x0000000140000000-0x0000000140004278-memory.dmp

Filesize
16KB

Download