Analysis

  • max time kernel
    140s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240802-en locale:en-us os:windows10-2004-x64 system
  • submitted
    19-09-2024 04:59

General

  • Target

    b772ce036ed70a361d9d741a6c387cf18d4537afdcc9a2978b808ce15a1ca8b8.exe

  • Size

    59KB

  • MD5

    0e9f5fd6426bea347b0b0944756ad623

  • SHA1

    ea70287a448aa5e45cb7095ee7426ddb0519fdc1

  • SHA256

    b772ce036ed70a361d9d741a6c387cf18d4537afdcc9a2978b808ce15a1ca8b8

  • SHA512

    e79c30adde3dce6323697247e8d2778d353fe7f8f6df40a6a207d783a5c69b0046fb5ae5005f3f473eb0b391efe81e0352d85b47f6f95d10d32a6778a61d2656

  • SSDEEP

    768:U4ZtCIYHlCaEoigb9exg7Jc6S3hZEnXm5P0QhDXhG/:5CIYHxigb9exg7JcX3hZXh0QhDY/

Malware Config

Extracted

Family

metasploit

Version

metasploit_stager

C2

43.136.32.239:443

Signatures

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

Processes

  • C:\Users\Admin\AppData\Local\Temp\b772ce036ed70a361d9d741a6c387cf18d4537afdcc9a2978b808ce15a1ca8b8.exe
    "C:\Users\Admin\AppData\Local\Temp\b772ce036ed70a361d9d741a6c387cf18d4537afdcc9a2978b808ce15a1ca8b8.exe"
    1⤵
      PID:1104

    Downloads

    • memory/1104-0-0x0000023DB2680000-0x0000023DB2681000-memory.dmp

      Filesize

      4KB

    • memory/1104-1-0x00007FF7E05C0000-0x00007FF7E05D4000-memory.dmp

      Filesize

      80KB