Analysis

  • max time kernel
    148s
  • max time network
    153s
  • platform
    windows7_x64
  • resource
    win7-20240704-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
  • submitted
    09/07/2024, 00:03 UTC

General

  • Target

    6b2361e3f2edbb461dce6e6fadd6f8621c99c276df7fe3bd09915892be66c8bd.exe

  • Size

    50KB

  • MD5

    64fb679752b44553d0bf78b2250c3d39

  • SHA1

    6d0d4c48ad62e775dd5fd4553831b3ad4812ddb4

  • SHA256

    6b2361e3f2edbb461dce6e6fadd6f8621c99c276df7fe3bd09915892be66c8bd

  • SHA512

    772fd26d0f46169411d28e845cf1297be96569b99e9a2a93e58e47b4ccc0e6f0be967771d7dfd171e56e40eeb8c68557b8d3097fd7597fbffb678c16c36ce872

  • SSDEEP

    1536:I6qJeYwpiJToCB79s7xC+ufT4JIWO4qRq3:NuWpAJfs7xSEJ2t6

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

10.0.4.4:2030

Signatures

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

  • UPX packed file (2 IoCs)

    Detects executables packed with UPX/modified UPX open source packer.

Processes

  • C:\Users\Admin\AppData\Local\Temp\6b2361e3f2edbb461dce6e6fadd6f8621c99c276df7fe3bd09915892be66c8bd.exe
    "C:\Users\Admin\AppData\Local\Temp\6b2361e3f2edbb461dce6e6fadd6f8621c99c276df7fe3bd09915892be66c8bd.exe"
    PID: 2324

    Network

    • 10.0.4.4:2030
      6b2361e3f2edbb461dce6e6fadd6f8621c99c276df7fe3bd09915892be66c8bd.exe
      1.1kB
      22

    Downloads

    • memory/2324-0-0x0000000000400000-0x0000000000419000-memory.dmp

      Filesize

      100KB

    • memory/2324-1-0x0000000000030000-0x0000000000034000-memory.dmp

      Filesize

      16KB

    • memory/2324-2-0x0000000000400000-0x0000000000419000-memory.dmp

      Filesize

      100KB