Overview

overview

10

Static

static

3

06957a1d59...e1.exe

windows7-x64

10

06957a1d59...e1.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    121s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
  • submitted
    28-06-2024 00:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    06957a1d5944d5b920ea4bbade607e7d22f2fd0c8589c9a691d527110eaad9e1.exe

  • Size

    3.6MB

  • MD5

    6a1e69af612ce3022ecc49899df761b4

  • SHA1

    27b08376ed6f156dbad15e7a6991fa904fe9dcba

  • SHA256

    06957a1d5944d5b920ea4bbade607e7d22f2fd0c8589c9a691d527110eaad9e1

  • SHA512

    cb015f01b454ffde5d7ecee59b513e05fd60983fb04a475c1c7163fad1ff04203ead4f7e9815d8a1ac43cfa39dd2859438b893aa117d6fd5e11a104b4f9c776f

  • SSDEEP

    49152:A08OhxtUg9OUi82w6aQp9dgS1GUL38XhCOYc3iJXe9emEPGKGPkQThMYRMnm7LB9:A08vdsGaQNgS1C6eingKpqh

Score
10/10
metasploitbackdoortrojan

Malware Config

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

212.154.6.128:3452

Signatures

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    trojanbackdoormetasploit

Processes

  • C:\Users\Admin\AppData\Local\Temp\06957a1d5944d5b920ea4bbade607e7d22f2fd0c8589c9a691d527110eaad9e1.exe
    "C:\Users\Admin\AppData\Local\Temp\06957a1d5944d5b920ea4bbade607e7d22f2fd0c8589c9a691d527110eaad9e1.exe"
    1⤵
      PID:2060

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2060-0-0x0000000000663000-0x0000000000665000-memory.dmp

      Filesize

      8KB

      Download