metasploit | db8ab5216f20f733898ec4f4dd786659c157a8c1af185445d05a89b24b69b6b9

Analysis

max time kernel
15s
max time network
19s
platform
windows7_x64
resource
win7-20241010-en
resource tags

arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
submitted
15-11-2024 08:08

Target

neki.exe
Size

5.6MB
MD5

82a815bb45876d790320339bc24baf37
SHA1

47e2ee51c3bef1dec7aa9ffef5febd61d0a8a4e7
SHA256

db8ab5216f20f733898ec4f4dd786659c157a8c1af185445d05a89b24b69b6b9
SHA512

5ba91858049edeb7b42d90a578f2be2aa7955c7f08c0323b4e317b55d1ccb87863de08f9468827ba09d8e2312564d5b4f7a1251a9f2772ff3b7e6015f49d34e7
SSDEEP

49152:7tLB09ObgzLb/8xQjONoO80TSVQav4cdffd4SYHaPBDATfHi8FjpKOPswdcLMR46:ZKqTK+Q/eaPBlO9Y2hwpiHN0I

Score

10^/10

Family

metasploit

Version

windows/reverse_tcp

192.168.50.79:4444

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit
Metasploit family
metasploit

C:\Users\Admin\AppData\Local\Temp\neki.exe
"C:\Users\Admin\AppData\Local\Temp\neki.exe"
1⤵
PID:1236

memory/1236-0-0x0000000000270000-0x0000000000283000-memory.dmp

Filesize
76KB

Download
memory/1236-2-0x000000013F360000-0x000000013F881000-memory.dmp

Filesize
5.1MB

Download
memory/1236-3-0x0000000000270000-0x0000000000283000-memory.dmp

Filesize
76KB

Download