Overview

overview

10

Static

static

3

important.exe

windows7-x64

10

important.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    150s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23-12-2024 16:08

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    important.exe

  • Size

    3.5MB

  • MD5

    18a4199cdc67767f148535e57d26cb1c

  • SHA1

    e4da84914bcd047f84d2065097098bea676835bb

  • SHA256

    9af8cf4ddaab23832526a008ffab1fa8606dea6eff0eddab55ce88866b79eb31

  • SHA512

    d3f470eb1a5de29ee45b96f706e84cf8ad5e652278b8afa2236f8597e88f2f9abc6436757544544787f0ef6b9e63b79cf83743bd3ffbde552ea5df65c92acf57

  • SSDEEP

    98304:aeZ/bzQdEMgMsae2FhINt+WFsqQMyuyKFCz54IS0k76qe6VrpmPrq:hZ/bzrMgMsae2jK+WtQPQvIa6qe0pmPG

Score
10/10
metasploitbackdoortrojan

Malware Config

Signatures

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    trojanbackdoormetasploit
  • Metasploit family
    metasploit

Processes

  • C:\Users\Admin\AppData\Local\Temp\important.exe
    "C:\Users\Admin\AppData\Local\Temp\important.exe"
    1⤵
      PID:3580

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3580-0-0x00007FF9CFB53000-0x00007FF9CFB55000-memory.dmp

      Filesize

      8KB

      Download

    • memory/3580-1-0x00000182D02A0000-0x00000182D0634000-memory.dmp

      Filesize

      3.6MB

      Download

    • memory/3580-2-0x00000182EACD0000-0x00000182EB2F2000-memory.dmp

      Filesize

      6.1MB

      Download