metasploit | f4d6af4a96182fc2f3de72943d8c23cea36a4736cc50d9aaf422430ce4ffcda3

Analysis

max time kernel
148s
max time network
149s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
06-12-2024 15:09

Target

f4d6af4a96182fc2f3de72943d8c23cea36a4736cc50d9aaf422430ce4ffcda3.exe
Size

11KB
MD5

02fc5bf3342969c56f49e05fd337457c
SHA1

537165153eb059d0f76a05b90518f0d995cf7d10
SHA256

f4d6af4a96182fc2f3de72943d8c23cea36a4736cc50d9aaf422430ce4ffcda3
SHA512

c9b5f2b2d9147d45597065481491732e1d4bbe8d4f74ce07a9e831d763d119443f552dcf1c6c65c8b3c25fe4ff9e35c37483552f88fb5852d3b5524785a44c67
SSDEEP

192:y39zwd5BJauI8PhSrVEWS2Eye1r7E5pz6fMwWe6O:y3hwRG8JSrVE0Lu7fWe6

Score

10^/10

Family

metasploit

Version

encoder/shikata_ga_nai

Family

metasploit

Version

windows/reverse_tcp

192.168.196.144:10010

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit
Metasploit family
metasploit

C:\Users\Admin\AppData\Local\Temp\f4d6af4a96182fc2f3de72943d8c23cea36a4736cc50d9aaf422430ce4ffcda3.exe
"C:\Users\Admin\AppData\Local\Temp\f4d6af4a96182fc2f3de72943d8c23cea36a4736cc50d9aaf422430ce4ffcda3.exe"
1⤵
PID:1904

memory/1904-0-0x0000000000030000-0x0000000000031000-memory.dmp

Filesize
4KB

Download
memory/1904-2-0x0000000000030000-0x0000000000031000-memory.dmp

Filesize
4KB

Download