metasploit | b9b9866f84ba41586c9893c21c1e9d2968a744c9f96ebe30e7fc3c4c31ec4483

Analysis

max time kernel
122s
max time network
123s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
21-09-2024 04:17

Target

b9b9866f84ba41586c9893c21c1e9d2968a744c9f96ebe30e7fc3c4c31ec4483.exe
Size

183KB
MD5

181ed92780b4dd3fd1067e56230c7c92
SHA1

b8ce740b3c8c8070919b5b0047750fcbdd151250
SHA256

b9b9866f84ba41586c9893c21c1e9d2968a744c9f96ebe30e7fc3c4c31ec4483
SHA512

f2c706788019d3c429da67f2316fe9f3fa10d2c26471a7b4e839ea8631eb187f09c74774006582e0cad565064d5a187042bb8b948856ef2a6a5886790251a679
SSDEEP

3072:5l85FngYWp2pQuKpcAHE/1X4hZ6AM4ugTQC:+6u9/4u+QC

Score

10^/10

Family

metasploit

Version

windows/reverse_tcp

192.168.1.106:8000

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit

C:\Users\Admin\AppData\Local\Temp\b9b9866f84ba41586c9893c21c1e9d2968a744c9f96ebe30e7fc3c4c31ec4483.exe
"C:\Users\Admin\AppData\Local\Temp\b9b9866f84ba41586c9893c21c1e9d2968a744c9f96ebe30e7fc3c4c31ec4483.exe"
1⤵
PID:276

memory/276-2-0x0000000000050000-0x0000000000063000-memory.dmp

Filesize
76KB

Download
memory/276-1-0x000000013F870000-0x000000013F8A3000-memory.dmp

Filesize
204KB

Download
memory/276-0-0x0000000000610000-0x0000000000810000-memory.dmp

Filesize
2.0MB

Download