metasploit | cad274c5c0130cf5a21aa44914bbee5fa1b8205c7b19843ea2ee1054e671c3cd | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

cad274c5c0...cd.exe

windows7-x64

7

cad274c5c0...cd.exe

windows10-2004-x64

Sharing

General

Target

cad274c5c0130cf5a21aa44914bbee5fa1b8205c7b19843ea2ee1054e671c3cd.exe
Size

5.7MB
Sample

240726-gpzl2szfrq
MD5

a3c08ba1a63a6789186de34cd55ec710
SHA1

a5abffea8b4fa8a7fdd45cf405a1dce25b5bda98
SHA256

cad274c5c0130cf5a21aa44914bbee5fa1b8205c7b19843ea2ee1054e671c3cd
SHA512

e8b3d3daea255a731bd0dc9c447542a0a5cecddcf1bb02fdfdd7eb30afcbd9a75e01e9889bfd8b95a165ff6ed0a2b2dc2dbf5a5866085d92e0877e5e4a5e8f85
SSDEEP

98304:CXbBg9hU36OshoKyDvuIYc5AhVYEc4kZvRLoI0EJfNAIjvJJT1aOcKoS:CrBQ6qOshoKMuIkhVfstRL5Die1Zc

Score

10^/10

metasploit backdoor pyinstaller trojan upx

Static task

static1

pyinstaller metasploit

3 signatures

Behavioral task

behavioral1

Sample

cad274c5c0130cf5a21aa44914bbee5fa1b8205c7b19843ea2ee1054e671c3cd.exe

Resource

win7-20240708-en

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

cad274c5c0130cf5a21aa44914bbee5fa1b8205c7b19843ea2ee1054e671c3cd.exe

Resource

win10v2004-20240709-en

metasploit backdoor trojan upx

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

metasploit

Version

metasploit_stager

C2

101.33.35.171:8080

Targets

- Target
  
  cad274c5c0130cf5a21aa44914bbee5fa1b8205c7b19843ea2ee1054e671c3cd.exe
- Size
  
  5.7MB
- MD5
  
  a3c08ba1a63a6789186de34cd55ec710
- SHA1
  
  a5abffea8b4fa8a7fdd45cf405a1dce25b5bda98
- SHA256
  
  cad274c5c0130cf5a21aa44914bbee5fa1b8205c7b19843ea2ee1054e671c3cd
- SHA512
  
  e8b3d3daea255a731bd0dc9c447542a0a5cecddcf1bb02fdfdd7eb30afcbd9a75e01e9889bfd8b95a165ff6ed0a2b2dc2dbf5a5866085d92e0877e5e4a5e8f85
- SSDEEP
  
  98304:CXbBg9hU36OshoKyDvuIYc5AhVYEc4kZvRLoI0EJfNAIjvJJT1aOcKoS:CrBQ6qOshoKMuIkhVfstRL5Die1Zc
Score

10^/10

upx metasploit backdoor trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

pyinstallermetasploit

behavioral1

behavioral2

metasploitbackdoortrojanupx

© 2018-2025

Terms | Privacy