Analysis

  • max time kernel
    105s
  • max time network
    119s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags
    arch:x64, arch:x86, image:win10v2004-20241007-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    11-11-2024 13:58

General

  • Target

    4a7b382f97f2e45f3580bce61e64f69d4193f88eed866efceda73c7125ba9461N.dll

  • Size

    364KB

  • MD5

    8f1fede84d2dc165788ddf53ee6e2567

  • SHA1

    3b2a9261109574d3f48a1376e6dd116000ff5682

  • SHA256

    125933502e244be0fd6c3d86e5caae63a5976a614175eb4c83e4797b5e4c55c4

  • SHA512

    64a5b081e2375e5b16685a7e6bc27ab3b2e9f0e44bd1743c2af73c80db2d022feacb05dc16c9070a1243f607c7f6a725ce20fb3eca9be19711c1283e0ba486f3

  • SSDEEP

    6144:YwtNaxVbh2jGiVXXLTkd5MDtk+dLLcWV50DEr5rWh1wu:YDbh2jfJLTNtk+dLLcZDL4u

Malware Config

Extracted

Family

metasploit

Version

metasploit_stager

C2

10.8.1.148:80

Signatures

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

  • Metasploit family

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\4a7b382f97f2e45f3580bce61e64f69d4193f88eed866efceda73c7125ba9461N.dll
    PID: 220

    Network

    MITRE ATT&CK Matrix

    Downloads

    • memory/220-0-0x0000000002260000-0x0000000002261000-memory.dmp

      Filesize

      4KB