metasploit | 8a96bb26226cc029f27e9a59762250642d24c71bb80c598a567d7607215382f4

Analysis

max time kernel
156s
max time network
169s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
05-06-2024 11:30

Target

8a96bb26226cc029f27e9a59762250642d24c71bb80c598a567d7607215382f4.exe
Size

2.3MB
MD5

0ab44a94a4a30364eafb629e0e695439
SHA1

4c1e68743723fc41ee289f514fdb3a12a5adfe91
SHA256

8a96bb26226cc029f27e9a59762250642d24c71bb80c598a567d7607215382f4
SHA512

490477994808cc89edb28b480efec854d5a7191c243391e6df604e2457f1451ee16fbccbc178fb8c68eb00cc2fd761e4471581629422ed446558786630769825
SSDEEP

24576:4lPlpcQukDOqSgvM+wXjSMLjtJHlXrlQDHgm8DKGDIBntfcKAxDHDz+NP2LlB:Kp7DOqSK4XjNnpcHgHotEKkj+NP2r

Score

10^/10

Family

metasploit

Version

metasploit_stager

10.211.55.2:2334

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit

C:\Users\Admin\AppData\Local\Temp\8a96bb26226cc029f27e9a59762250642d24c71bb80c598a567d7607215382f4.exe
"C:\Users\Admin\AppData\Local\Temp\8a96bb26226cc029f27e9a59762250642d24c71bb80c598a567d7607215382f4.exe"
1⤵
PID:2388

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=3792 --field-trial-handle=2356,i,13261194862334667799,7441241219475888176,262144 --variations-seed-version /prefetch:8
1⤵
PID:1384

memory/2388-0-0x00000295FEFE0000-0x00000295FEFE1000-memory.dmp

Filesize
4KB

Download