metasploit | cdcace8fbb5d64963234d51b7f756a10b0504ce73a4ae5da9b1963096631a124

Analysis

max time kernel
92s
max time network
142s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
05/12/2024, 17:05

Target

cdcace8fbb5d64963234d51b7f756a10b0504ce73a4ae5da9b1963096631a124.exe
Size

258KB
MD5

6f99152b7ca97851166a4a6758ec5167
SHA1

011584db85bc0db9eda791255578aa434041dfcc
SHA256

cdcace8fbb5d64963234d51b7f756a10b0504ce73a4ae5da9b1963096631a124
SHA512

fbbb3f14a028e17532f6d23151f2cc80d22d38904ba6a682b924c69e7f4a415151fd3be0ee3377e565b1d0df41ad15510eb679e6238d94103590ac1b69f6d0d8
SSDEEP

6144:Pv0TIJu+3GXNHTM9gaxRTKp9dm2ua7jZiX+pJLh6:ETf+2dzMe2Kua7MX+r6

Score

10^/10

Family

metasploit

Version

windows/download_exec

http://192.168.239.129:17822/3vfM

Attributes

headers User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; XBLWP7; ZuneWP7)

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit
Metasploit family
metasploit

C:\Users\Admin\AppData\Local\Temp\cdcace8fbb5d64963234d51b7f756a10b0504ce73a4ae5da9b1963096631a124.exe
"C:\Users\Admin\AppData\Local\Temp\cdcace8fbb5d64963234d51b7f756a10b0504ce73a4ae5da9b1963096631a124.exe"
1⤵
PID:5044

memory/5044-0-0x0000024D183C0000-0x0000024D183C1000-memory.dmp

Filesize
4KB

Download
memory/5044-1-0x00007FF7ADDC0000-0x00007FF7ADE09000-memory.dmp

Filesize
292KB

Download