Overview

overview

10

Static

static

3

856de6dfbd...0N.exe

windows7-x64

10

856de6dfbd...0N.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    94s
  • max time network
    101s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    10-09-2024 19:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    856de6dfbd7fb203b5d5c9c95da3c660N.exe

  • Size

    130KB

  • MD5

    856de6dfbd7fb203b5d5c9c95da3c660

  • SHA1

    ccb4672a51837cc12a02df041aad3ac3ccd890aa

  • SHA256

    a35888d59cc83f8bf13f408eeb49731c990d0d2358eeeb25f9204053c1331401

  • SHA512

    c1717a83db170457f31812cdd4381d4d8c740c9d96fabd7a67a76b8e308e015b4cf262a229a17becab499911bf4be2de1a2ff51708e7d8542d609e7eda03d0d9

  • SSDEEP

    1536:FgZQka1iWkP1f4/ygegkzHuPJzovWhfiM5zy7Qdavurr+MwPAruxNib+lpw2R6vq:6ZV6k1f4/AzaoWdaiuSLdS

Score
10/10
metasploitbackdoortrojan

Malware Config

Extracted

Family

metasploit

Version

windows/exec

Signatures

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    trojanbackdoormetasploit

Processes

  • C:\Users\Admin\AppData\Local\Temp\856de6dfbd7fb203b5d5c9c95da3c660N.exe
    "C:\Users\Admin\AppData\Local\Temp\856de6dfbd7fb203b5d5c9c95da3c660N.exe"
    1⤵
      PID:4616

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4616-0-0x00007FF65C5B0000-0x00007FF65C5D4000-memory.dmp

      Filesize

      144KB

      Download