Analysis

  • max time kernel
    105s
  • max time network
    113s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20241007-en locale:en-us os:windows10-2004-x64 system
  • submitted
    02-12-2024 11:47

General

  • Target

    8199573f726ca5f3139c3ce68a15246d314e7a3d812d84f4119cb09c3353f05c.exe

  • Size

    7KB

  • MD5

    5dd3dbe3235f9dc3635c74e2735c87a2

  • SHA1

    d8214280591240138bc07b2c3a82298c52afb318

  • SHA256

    8199573f726ca5f3139c3ce68a15246d314e7a3d812d84f4119cb09c3353f05c

  • SHA512

    fa9ee14792a23a9bce6374c9bfa8eb11d9d266b7ab9568ee1d52c006895d8dbce82079a5652d5e15f5d89792de307b9cd640626ccf420600c6f151b693d25039

  • SSDEEP

    24:eFGStrJ9u0/6WvlxnZdkBQAVv1Yh7YKLq0eNDMSCvOXpmB9:is0HvjkBQYqh0USD9C2kB9

Malware Config

Extracted

Family

metasploit

Version

metasploit_stager

C2

10.0.2.14:443

Signatures

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

  • Metasploit family

Processes

  • C:\Users\Admin\AppData\Local\Temp\8199573f726ca5f3139c3ce68a15246d314e7a3d812d84f4119cb09c3353f05c.exe
    "C:\Users\Admin\AppData\Local\Temp\8199573f726ca5f3139c3ce68a15246d314e7a3d812d84f4119cb09c3353f05c.exe"
      PID:5004

    Downloads

    • memory/5004-0-0x0000000140000000-0x0000000140004278-memory.dmp

      Filesize

      16KB

    • memory/5004-1-0x0000000140000000-0x0000000140004278-memory.dmp

      Filesize

      16KB