Extracted

• • Target

    99d8695eee60a5a2aa4834e8292d3020bc4b15b48161ed9c03dd735c21f1837bN.exe

  • Size

    124KB

  • MD5

    33dd8c543dcec79face3e56554c36bc0

  • SHA1

    fe0fe6fa239ce64c2e4fb42a23f13903145e215c

  • SHA256

    99d8695eee60a5a2aa4834e8292d3020bc4b15b48161ed9c03dd735c21f1837b

  • SHA512

    ae6a2abd2969e39127a1a237f76406a63f56b72313e407b7cccff961629eb0c847cadc5dd22fc70764a1e52545e8cf07d01b9e488a162c05f4000c4a2552a2da

  • SSDEEP

    1536:IB+ctOey9p7rtJs0xuBCZlc/iDrH05fTvOMb+KR0Nc8QsJq3:e+ctTU7rLsBkZlRDqfTvOe0Nc8QsC

  Score

  10^/10

  metasploitbackdoordiscoverytrojanxmrigminer

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    trojanbackdoormetasploit

  • Metasploit family

    metasploit

  • XMRig Miner payload

    miner

  • Xmrig family

    xmrig

  • xmrig

    XMRig is a high performance, open source, cross platform CPU/GPU miner.

    minerxmrig

  • Downloads MZ/PE file

  • Drops startup file

  • Executes dropped EXE

  • Loads dropped DLL

  • Legitimate hosting services abused for malware hosting/C2

  behavioral1behavioral2