metasploit | 28ff2aa0082cac57486904d361ea12a13f97fe5f301da2b46582e54e92ce7643

Analysis

max time kernel
16s
max time network
17s
platform
windows7_x64
resource
win7-20240729-en
resource tags

arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
submitted
07-11-2024 21:04

Target

28ff2aa0082cac57486904d361ea12a13f97fe5f301da2b46582e54e92ce7643.exe
Size

7KB
MD5

a34b01f490614320f650f17794d60f8b
SHA1

c788a72a4cab9f8fe02e08296618f3f69aef0550
SHA256

28ff2aa0082cac57486904d361ea12a13f97fe5f301da2b46582e54e92ce7643
SHA512

188512b06734c6946d36ce26fa846c8a19e3dda0cf58bd47d4cd7f80e268ae13626003c83496544b270c0a3ec25aa7b314aad6c2e0f85d02abe37266e1ae3fb0
SSDEEP

24:eFGStrJ9u0/63nTUnZd4BQAVVots7aN/UcREYO4HUQ0SOwXbALOsFpmB:is0mT44BQG2LRvEYO4HUQ0SOwXbJB

Score

10^/10

Family

metasploit

Version

encoder/shikata_ga_nai

Family

metasploit

Version

metasploit_stager

192.168.1.141:4545

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit
Metasploit family
metasploit

C:\Users\Admin\AppData\Local\Temp\28ff2aa0082cac57486904d361ea12a13f97fe5f301da2b46582e54e92ce7643.exe
"C:\Users\Admin\AppData\Local\Temp\28ff2aa0082cac57486904d361ea12a13f97fe5f301da2b46582e54e92ce7643.exe"
1⤵
PID:2380

memory/2380-0-0x0000000140000000-0x0000000140004350-memory.dmp

Filesize
16KB

Download