metasploit | 166f67f2d542c5adf832690d75960434728f0603f23f0125c8b741d51b9b3be0

Analysis

max time kernel
118s
max time network
119s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
07-12-2024 08:13

Target

166f67f2d542c5adf832690d75960434728f0603f23f0125c8b741d51b9b3be0.exe
Size

23KB
MD5

c41a705c9cdb3f3055f84d23460988ff
SHA1

f760853aaa6ebf9e6c012e4c0139377cc93d6e75
SHA256

166f67f2d542c5adf832690d75960434728f0603f23f0125c8b741d51b9b3be0
SHA512

966c4922bfd1257d94d6937447a99647710029e10440b56e6906afef524a86e12014b18d3a662b7e181cd49d3e3ddfa41b74e649cc02330c901c1c555378af33
SSDEEP

384:xq+ci0Q8ELW2Fb7Rp/o8AEpRPpAvYdsxvBg7gJR:Ci0Qfh7RE+sxvBp

Score

10^/10

Family

metasploit

Version

encoder/shikata_ga_nai

Family

metasploit

Version

windows/reverse_tcp

192.168.196.144:456

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit
Metasploit family
metasploit

C:\Users\Admin\AppData\Local\Temp\166f67f2d542c5adf832690d75960434728f0603f23f0125c8b741d51b9b3be0.exe
"C:\Users\Admin\AppData\Local\Temp\166f67f2d542c5adf832690d75960434728f0603f23f0125c8b741d51b9b3be0.exe"
1⤵
PID:2032

memory/2032-0-0x0000000000030000-0x0000000000031000-memory.dmp

Filesize
4KB

Download
memory/2032-2-0x0000000000030000-0x0000000000031000-memory.dmp

Filesize
4KB

Download
memory/2032-4-0x0000000000400000-0x000000000040C000-memory.dmp

Filesize
48KB

Download