metasploit | a317b7f9a66cc781998dfa874dfdd17b4aad741ffbdf8e1497a4a5aab360bbcd

Analysis

max time kernel
119s
max time network
119s
platform
windows7_x64
resource
win7-20240508-en
resource tags

arch:x64arch:x86image:win7-20240508-enlocale:en-usos:windows7-x64system
submitted
05-06-2024 11:34

Target

a317b7f9a66cc781998dfa874dfdd17b4aad741ffbdf8e1497a4a5aab360bbcd.exe
Size

14KB
MD5

5df1295b60476ab7e7c18717775293c1
SHA1

e728c27304e48233fe73f3635c76425d3a05745d
SHA256

a317b7f9a66cc781998dfa874dfdd17b4aad741ffbdf8e1497a4a5aab360bbcd
SHA512

eccd1cfdcaefb303d9fbf9e7aab2d48020bbc45908187f08b179e94cf0204153e68366bcdb55b2eac22697b6b85caeed0002d94e317a490b678712385cad2bc0
SSDEEP

192:p3mbPYCfMcrfOIuZmvKQxtzlSIVX6NOnejDMN1:QMCfrfQ6tBSIpeUN1

Score

10^/10

Family

metasploit

Version

windows/download_exec

http://59.110.140.224:9000/MSCy

Attributes

headers User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 2.0.50727; InfoPath.2)

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit

C:\Users\Admin\AppData\Local\Temp\a317b7f9a66cc781998dfa874dfdd17b4aad741ffbdf8e1497a4a5aab360bbcd.exe
"C:\Users\Admin\AppData\Local\Temp\a317b7f9a66cc781998dfa874dfdd17b4aad741ffbdf8e1497a4a5aab360bbcd.exe"
1⤵
PID:2128

memory/2128-0-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download
memory/2128-1-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/2128-5-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download