metasploit | a31dc72d85d32c60a841a9b82b94360ebae3ec54fb1a3190af02983724a5b3b0

Analysis

max time kernel
150s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240426-en
resource tags

arch:x64arch:x86image:win10v2004-20240426-enlocale:en-usos:windows10-2004-x64system
submitted
05-06-2024 01:19

Target

a31dc72d85d32c60a841a9b82b94360ebae3ec54fb1a3190af02983724a5b3b0.exe
Size

14KB
MD5

5a723d02cec915a9579e1718cd1e7062
SHA1

72d5922e85d16c3c75e87b6e0623c847f1952a62
SHA256

a31dc72d85d32c60a841a9b82b94360ebae3ec54fb1a3190af02983724a5b3b0
SHA512

d97b801354847ef6ead252cfc44468dbe59cbc4ac9c3d35d240f5685a9568806196541424979d93689bafee411b22c177401350987702a77e0f00099cc7079c1
SSDEEP

192:kHCugRK83SxHn2OQ/dmBI4KBPwgir+xzwF/qbqUqV/Qjo7AGa:ICxRKqbOCdWIVBPk+xzwF+fCXAn

Score

10^/10

Family

metasploit

Version

windows/download_exec

http://172.20.10.10:4444/ClGf

Attributes

headers User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; XBLWP7; ZuneWP7)

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit

C:\Users\Admin\AppData\Local\Temp\a31dc72d85d32c60a841a9b82b94360ebae3ec54fb1a3190af02983724a5b3b0.exe
"C:\Users\Admin\AppData\Local\Temp\a31dc72d85d32c60a841a9b82b94360ebae3ec54fb1a3190af02983724a5b3b0.exe"
1⤵
PID:4908

memory/4908-0-0x00000000001D0000-0x00000000001D1000-memory.dmp

Filesize
4KB

Download
memory/4908-1-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/4908-3-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download