metasploit | ed448a242c66c6f547cab3c480129c17b17b9208642ccd82e4f5d0b51e5f6e67

Analysis

max time kernel
120s
max time network
121s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
07-12-2024 08:13

Target

ed448a242c66c6f547cab3c480129c17b17b9208642ccd82e4f5d0b51e5f6e67.exe
Size

23KB
MD5

91febce2e719925ecc48b2a406655fbd
SHA1

42b1599ff17e3ddae03553ea7710433f6807b773
SHA256

ed448a242c66c6f547cab3c480129c17b17b9208642ccd82e4f5d0b51e5f6e67
SHA512

a9dc84b5a9a444a9c9b456293c83d07a98769c8bda8050b8acb93ceff1a7dc85a1ae19bf23a0e3629dae4bae92e4e8c8561b300d69c3a248d745399250634a25
SSDEEP

384:Vq+ci0Q8ELW2Fb7Rp/o8AEpldYdsxvBg7gJR:Oi0Qfh7RKsxvBp

Score

10^/10

Family

metasploit

Version

encoder/shikata_ga_nai

Family

metasploit

Version

windows/reverse_tcp

192.168.196.144:456

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit
Metasploit family
metasploit

C:\Users\Admin\AppData\Local\Temp\ed448a242c66c6f547cab3c480129c17b17b9208642ccd82e4f5d0b51e5f6e67.exe
"C:\Users\Admin\AppData\Local\Temp\ed448a242c66c6f547cab3c480129c17b17b9208642ccd82e4f5d0b51e5f6e67.exe"
1⤵
PID:1244

memory/1244-0-0x0000000000030000-0x0000000000031000-memory.dmp

Filesize
4KB

Download
memory/1244-2-0x0000000000030000-0x0000000000031000-memory.dmp

Filesize
4KB

Download
memory/1244-4-0x0000000000400000-0x000000000040C000-memory.dmp

Filesize
48KB

Download