General

  • Target: file.exe
  • Size: 522KB
  • Sample: 240923-xamxpsxaqr
  • MD5: 06a0c92c691e980875b3345ce72fe78b
  • SHA1: ab38c20a9e04f0ffe951a194075c296373e3e367
  • SHA256: 136e03127b12cc2b5242530339b24ad7c082741c152783d996b3fa63bc21f6de
  • SHA512: ea60783778989f0979e6edc25b4877d073ac7ea0a067fd7750a679eb6f380212e739ef07d6239911a4a3604e236ccdf65df6fd9faccd37f2c25116844e91f2cb
  • SSDEEP: 12288:JzxzTDWikLSb4NS7QX+tjUXZkzF4Lyqe185h9pp3bQ/FO:zDWHSb4NkJ4S6hE/s

Malware Config

Extracted

  • Family: metasploit
  • Version: metasploit_stager
  • C2: 8.130.82.167:5544

Targets

    • MetaSploit: Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
    • Checks computer location settings: Looks up the country code configured in the registry, likely a geofence.
    • Executes dropped EXE
    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks