metasploit | f5d7acff08596c9987f4ab5e4b405735aeb19f613e384c7f2003a80480326d97

Analysis

max time kernel
94s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
21-09-2024 15:14

Target

f5d7acff08596c9987f4ab5e4b405735aeb19f613e384c7f2003a80480326d97.exe
Size

575KB
MD5

654ec55608fd579dc1616fd1bf1e65e3
SHA1

385887eb5d2bb8f0dd5281d9666f518faf383537
SHA256

f5d7acff08596c9987f4ab5e4b405735aeb19f613e384c7f2003a80480326d97
SHA512

bb9187ee508c0c1453583680e2d96281ac38017b18ee27779c692b7798860c0e4fcaea397e14a2c8ea928cb136476341363dd78432d7b37bf06952dcd3efd8c2
SSDEEP

12288:ferZYHcotRd0XHvfwk3Ta77Hp0fWAUmBZmHFqQ1vYFLdqo51:fSscot2kd1vYFLdqo51

Score

10^/10

Family

metasploit

Version

metasploit_stager

127.0.0.1:12345

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit

C:\Users\Admin\AppData\Local\Temp\f5d7acff08596c9987f4ab5e4b405735aeb19f613e384c7f2003a80480326d97.exe
"C:\Users\Admin\AppData\Local\Temp\f5d7acff08596c9987f4ab5e4b405735aeb19f613e384c7f2003a80480326d97.exe"
1⤵
PID:5028

memory/5028-0-0x000001E0AABC0000-0x000001E0AABC1000-memory.dmp

Filesize
4KB

Download
memory/5028-1-0x00007FF6A5920000-0x00007FF6A59A9000-memory.dmp

Filesize
548KB

Download
memory/5028-3-0x00007FF6A5920000-0x00007FF6A59A9000-memory.dmp

Filesize
548KB

Download