metasploit | 5931d57908c2ecbd419bf900d7b95f3a8c02b214610c4d8369111b13589e61ed

Analysis

max time kernel
150s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240709-en
resource tags

arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
submitted
22/07/2024, 11:12

Target

5931d57908c2ecbd419bf900d7b95f3a8c02b214610c4d8369111b13589e61ed.exe
Size

5.0MB
MD5

c7618904049a576fb2d66bca09efff4c
SHA1

23bde34ac7a3df6b4583ac6dc794d4c0decf30fc
SHA256

5931d57908c2ecbd419bf900d7b95f3a8c02b214610c4d8369111b13589e61ed
SHA512

98f3a8a57530f666344b36f3ba1fc08debe0c2c7ca8f3206a2a85854019322d4218c81bcb0e54631996bd48fb8bc12608252df0bb2b51205b303876357ceab49
SSDEEP

49152:F8x5J+tHJL3pDJP1sKuJOftOn66EtyQ7id5ZTq4C345ERCTvWennnf7NOmXeFiE:bHJbhqetOn6DI9HER2nf0mX

Score

10^/10

Family

metasploit

Version

metasploit_stager

8.146.206.7:9999

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit

GoLang User-Agent 1 IoCs

Uses default user-agent string defined by GoLang HTTP packages.

description	flow	ioc
HTTP User-Agent header	3	Go-http-client/1.1

C:\Users\Admin\AppData\Local\Temp\5931d57908c2ecbd419bf900d7b95f3a8c02b214610c4d8369111b13589e61ed.exe
"C:\Users\Admin\AppData\Local\Temp\5931d57908c2ecbd419bf900d7b95f3a8c02b214610c4d8369111b13589e61ed.exe"
1⤵
PID:3464

memory/3464-0-0x000001FCE1470000-0x000001FCE1476000-memory.dmp

Filesize
24KB

Download
memory/3464-1-0x000001FCE2C80000-0x000001FCE2C86000-memory.dmp

Filesize
24KB

Download