metasploit | c8245bcf8b87d47dd6af081f06255af399ef5b314c61cceea2f28b748808976a

Analysis

max time kernel
114s
max time network
119s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
21-09-2024 07:53

Target

c8245bcf8b87d47dd6af081f06255af399ef5b314c61cceea2f28b748808976aN.exe
Size

7KB
MD5

252ba549481510524f265801a4e8f550
SHA1

3d8464897d1e97d86aae87c086a0c6e11c6a675b
SHA256

c8245bcf8b87d47dd6af081f06255af399ef5b314c61cceea2f28b748808976a
SHA512

8809bd1e2caf3120261aa609dc4b6a512e3af7f99c9a22ed2a2406bd51a4794e27b7106d2cf59a47acf7e2c96666bb694d1ba502183c8da4e27ee4948ffbe64c
SSDEEP

24:eFGStrJ9u0/6S9RnZdkBQAVK86WY+hKZq6eNDMSCvOXpmB:is0X9hkBQv8i+hkSD9C2kB

Score

10^/10

Family

metasploit

Version

metasploit_stager

192.168.24.128:19827

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit

C:\Users\Admin\AppData\Local\Temp\c8245bcf8b87d47dd6af081f06255af399ef5b314c61cceea2f28b748808976aN.exe
"C:\Users\Admin\AppData\Local\Temp\c8245bcf8b87d47dd6af081f06255af399ef5b314c61cceea2f28b748808976aN.exe"
1⤵
PID:4872

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=4372,i,3239535018877284530,3457823197501312703,262144 --variations-seed-version --mojo-platform-channel-handle=1036 /prefetch:8
1⤵
PID:3560

memory/4872-0-0x0000000140000000-0x0000000140004278-memory.dmp

Filesize
16KB

Download
memory/4872-1-0x0000000140000000-0x0000000140004278-memory.dmp

Filesize
16KB

Download