metasploit | 92370396d10e8f498dcb58a6af5158dbaa871d7e8b958ea13e10ad1388278f73 | Triage

Submit
Reports

Overview

overview

Static

static

3

oRDgAfX.exe

windows7-x64

oRDgAfX.exe

windows10-2004-x64

Analysis

max time kernel
149s
max time network
158s
platform
windows10-2004_x64
resource
win10v2004-20240508-en
resource tags

arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
submitted
30-06-2024 13:23

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

oRDgAfX.exe

Resource

win7-20240611-en

metasploit backdoor trojan

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

oRDgAfX.exe

Resource

win10v2004-20240508-en

metasploit backdoor trojan

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

oRDgAfX.exe
Size

5KB
MD5

1f334c6da3a9a1beb53d38e566fdb216
SHA1

300406b30e2c820dd4ddc0054351e0ce951e815b
SHA256

92370396d10e8f498dcb58a6af5158dbaa871d7e8b958ea13e10ad1388278f73
SHA512

a8b5e741e60093859a48f077555f874217feda0f0128bdd06771d9300762a6c891770cb2a2e00c0ac2323f0430981d3087a57270970efe237c3089d7d5a63c0c
SSDEEP

96:17IWKINu62GnnLasTU9ig+wGs7YdDjSe9BWCyw/NzAwApAra6JhduV0:1UWTN52+SikGsgasBRNqSaYhduV0

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

51.75.140.195:4448

Signatures

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit

Processes

C:\Users\Admin\AppData\Local\Temp\oRDgAfX.exe
"C:\Users\Admin\AppData\Local\Temp\oRDgAfX.exe"
1⤵
PID:1856

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1856-0-0x00000000005F0000-0x00000000005F1000-memory.dmp

Filesize
4KB

Download

© 2018-2025

Terms | Privacy