metasploit | 6a9109ad1bc3787d6a905eb7189d711126400076f21b396e94985ca17b6302cf | Triage

Submit
Reports

Overview

overview

Static

static

7

6a9109ad1b...cf.exe

windows7-x64

6a9109ad1b...cf.exe

windows10-2004-x64

Sharing

General

Target

6a9109ad1bc3787d6a905eb7189d711126400076f21b396e94985ca17b6302cf
Size

1.2MB
Sample

241205-spq6fszmhy
MD5

44b8dc70c4158de50c0fcf73d2ad9c7b
SHA1

2858f66fcaadce630e7ef46dcc8cfdc82287d76c
SHA256

6a9109ad1bc3787d6a905eb7189d711126400076f21b396e94985ca17b6302cf
SHA512

cf0025932ae02e05f6c8ca8ed383fdb83c4adcfd3f3dfeab536360d4f9d38dbfe2e0ebabcd342a92ac5994f8f628ed7d747659c6d0ef366b149a6cf255ce3b06
SSDEEP

24576:qDme1dGbHjJhxaGyzuBmA84I2EcEjTZnhgzyjodwhtF5EFyindsXmH:+meU1aGyKONcEjTZnqzZeTF5EFyqh

Score

10^/10

metasploit backdoor discovery trojan vmprotect

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

6a9109ad1bc3787d6a905eb7189d711126400076f21b396e94985ca17b6302cf.exe

Resource

win7-20240708-en

metasploit backdoor discovery trojan vmprotect

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

6a9109ad1bc3787d6a905eb7189d711126400076f21b396e94985ca17b6302cf.exe

Resource

win10v2004-20241007-en

metasploit backdoor discovery trojan vmprotect

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

124.248.69.230:29782

Targets

- Target
  
  6a9109ad1bc3787d6a905eb7189d711126400076f21b396e94985ca17b6302cf
- Size
  
  1.2MB
- MD5
  
  44b8dc70c4158de50c0fcf73d2ad9c7b
- SHA1
  
  2858f66fcaadce630e7ef46dcc8cfdc82287d76c
- SHA256
  
  6a9109ad1bc3787d6a905eb7189d711126400076f21b396e94985ca17b6302cf
- SHA512
  
  cf0025932ae02e05f6c8ca8ed383fdb83c4adcfd3f3dfeab536360d4f9d38dbfe2e0ebabcd342a92ac5994f8f628ed7d747659c6d0ef366b149a6cf255ce3b06
- SSDEEP
  
  24576:qDme1dGbHjJhxaGyzuBmA84I2EcEjTZnhgzyjodwhtF5EFyindsXmH:+meU1aGyKONcEjTZnqzZeTF5EFyqh
Score

10^/10

metasploit backdoor discovery trojan vmprotect
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojanvmprotect

behavioral2

metasploitbackdoordiscoverytrojanvmprotect

© 2018-2025

Terms | Privacy