Overview

overview

10

Static

static

3

0381450dfb...2N.exe

windows7-x64

10

0381450dfb...2N.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    92s
  • max time network
    96s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20-11-2024 03:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0381450dfb91ad9945826294e952373478d0a45994b2987e888edfa973990d92N.exe

  • Size

    2.0MB

  • MD5

    c468df5c05e0e2f8bf9587d52715f290

  • SHA1

    f0bbd38c1cf956f52993e03336b0cf3e8aa1ca08

  • SHA256

    0381450dfb91ad9945826294e952373478d0a45994b2987e888edfa973990d92

  • SHA512

    a0336f090a1c3d6d18cab1c5fd4ae7abf8a7b79a28dfd764de7b8f92af32f7ea54c5fcb939a860109310eb033c3ce1f6131bd0d9da61b6f09b671f467f3eceb7

  • SSDEEP

    49152:kzBQwqEAJs/6zVnrQHKOLS8ed0MzjkxwF:iyTQHKOmd0MzjkxwF

Score
10/10
metasploitbackdoortrojan

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Signatures

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    trojanbackdoormetasploit
  • Metasploit family
    metasploit

Processes

  • C:\Users\Admin\AppData\Local\Temp\0381450dfb91ad9945826294e952373478d0a45994b2987e888edfa973990d92N.exe
    "C:\Users\Admin\AppData\Local\Temp\0381450dfb91ad9945826294e952373478d0a45994b2987e888edfa973990d92N.exe"
    1⤵
      PID:1720

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1720-0-0x0000000000730000-0x0000000000762000-memory.dmp

      Filesize

      200KB

      Download

    • memory/1720-1-0x0000000000400000-0x0000000000530000-memory.dmp

      Filesize

      1.2MB

      Download