General

  • Target

    5d5b8308cb4e2b8953d0ae655fbf3280831791c6aab585baaffac755edccda2b

  • Size

    84KB

  • Sample

    241207-1v4mqs1nel

  • MD5

    c03a7136157d7368cc6593e7123400d3

  • SHA1

    da6a164c4aabbf2f650ef04a40921ebdc32f1fbe

  • SHA256

    5d5b8308cb4e2b8953d0ae655fbf3280831791c6aab585baaffac755edccda2b

  • SHA512

    290ccf748d6f74ce0c25d5440f2f0e98fac76e8b99edb81c49c547030e95f1da98217a430ab79e21186381c0e3e2be9a7e112d5d038b96ba587b6f594cad01ee

  • SSDEEP

    1536:ZBgfmM2qygswi7+nVWQ0hF6Rlykl+/6bFLWxRr+jikaS8FzZBlRFJM6kbm5O:wHzZziMVPkKyO+CJQ+jikaS8zJiaO

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_http

C2

http://192.168.100.13:44863/96KM-ROoWJ5n6GbpAMFcbQ-spvwPN

Targets

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Metasploit family

    • Process spawned unexpected child process

      This typically indicates the parent process was compromised via an exploit or macro.

    • Command and Scripting Interpreter: PowerShell

      Runs PowerShell with the display window hidden.

MITRE ATT&CK Enterprise v15