Overview

overview

10

Static

static

10

5b1d2681c5...f0.exe

windows7-x64

3

5b1d2681c5...f0.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    94s
  • max time network
    122s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    18-09-2024 22:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5b1d2681c5c5bccac3abe4a3c9f3805d1bd452c01d1710c3ff1cc3ebf95e15f0.exe

  • Size

    72KB

  • MD5

    7ee22f6bd1a67ae5951221f5cc4c3ff7

  • SHA1

    01edccd715c6d19000892c2319988bbe7aa5b01b

  • SHA256

    5b1d2681c5c5bccac3abe4a3c9f3805d1bd452c01d1710c3ff1cc3ebf95e15f0

  • SHA512

    3aacaf770dab70d1e0bf8d50287cf94015b74cc9a272d8bf213e298166775ccff81273198f6eb5d2b0d496d02350f79f3fc20d57bcf5fe8ddfcb65941b7560a1

  • SSDEEP

    1536:IBU3AN+00sPDfNZApbphm3a/ANAulpipMb+KR0Nc8QsJq39:M4c+PCFsoe80pe0Nc8QsC9

Score
10/10
metasploitbackdoordiscoverytrojan

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

225.101.117.64:11104

Signatures

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    trojanbackdoormetasploit
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery

Processes

  • C:\Users\Admin\AppData\Local\Temp\5b1d2681c5c5bccac3abe4a3c9f3805d1bd452c01d1710c3ff1cc3ebf95e15f0.exe
    "C:\Users\Admin\AppData\Local\Temp\5b1d2681c5c5bccac3abe4a3c9f3805d1bd452c01d1710c3ff1cc3ebf95e15f0.exe"
    1⤵
    • System Location Discovery: System Language Discovery
    PID:4456

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4456-0-0x0000000000670000-0x0000000000671000-memory.dmp

    Filesize

    4KB

    Download