metasploit | 6855eac916f6823962228a6f03f14f8c9802a02355e237191a382a02e327d856

Analysis

max time kernel
122s
max time network
124s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
13-09-2024 08:57

Target

6855eac916f6823962228a6f03f14f8c9802a02355e237191a382a02e327d856.exe
Size

150KB
MD5

ddc3baa320b95f67e7f0ad3acae54e9a
SHA1

a78818c46a6adccfe071e9c7458ffa06e668e425
SHA256

6855eac916f6823962228a6f03f14f8c9802a02355e237191a382a02e327d856
SHA512

46979c2a153012ecf3dcab06d216586694b610a50a3d0880dc57cc535c3014d60b6a84cb249b53c87bc21c2908622b3cf116dbed00e32243cdeaa27417491c59
SSDEEP

3072:i4TuGM5ttTgIo3gRZax1SfyBlHwOa1NmPRkn6wCw:iMuGM5zUMvyBlsNQRkn6wp

Score

10^/10

Family

metasploit

Version

windows/shell_reverse_tcp

192.168.72.182:666

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit

C:\Users\Admin\AppData\Local\Temp\6855eac916f6823962228a6f03f14f8c9802a02355e237191a382a02e327d856.exe
"C:\Users\Admin\AppData\Local\Temp\6855eac916f6823962228a6f03f14f8c9802a02355e237191a382a02e327d856.exe"
1⤵
PID:2244

memory/2244-1-0x00000000000A0000-0x00000000000B6000-memory.dmp

Filesize
88KB

Download
memory/2244-0-0x00000000000A0000-0x00000000000B6000-memory.dmp

Filesize
88KB

Download
memory/2244-2-0x0000000000030000-0x0000000000031000-memory.dmp

Filesize
4KB

Download
memory/2244-3-0x00000000000A0000-0x00000000000B6000-memory.dmp

Filesize
88KB

Download