Overview

overview

10

Static

static

3

a2a3fae581...97.exe

windows7-x64

10

a2a3fae581...97.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    121s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20241023-en
  • resource tags

    arch:x64arch:x86image:win7-20241023-enlocale:en-usos:windows7-x64system
  • submitted
    24-12-2024 02:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a2a3fae58157737b668eb134cc8c3e0b929094ae2defeb3c92b5a8a35e5abc97.exe

  • Size

    272KB

  • MD5

    2b162bb5a10513bfa4ba383e37f898a2

  • SHA1

    080f8a6a9d50a63290cf8545360fa433b2e53335

  • SHA256

    a2a3fae58157737b668eb134cc8c3e0b929094ae2defeb3c92b5a8a35e5abc97

  • SHA512

    b19fbeaca6f0c67a610f02e6fd2361aba5060e9d5aca4a2fb1b2a989e7a6ce33dcce39e31a1e86148359a60908a8c1b146e0ddb850e7af60db9f7005897f960d

  • SSDEEP

    6144:hTByFPIZfy+XrTOjKnsnvkr/FW10qN5gKAn:hTAtCy+XrKjKsn8rCJAn

Score
10/10
metasploitbackdoortrojan

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

3.69.157.220:14676

Signatures

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    trojanbackdoormetasploit
  • Metasploit family
    metasploit

Processes

  • C:\Users\Admin\AppData\Local\Temp\a2a3fae58157737b668eb134cc8c3e0b929094ae2defeb3c92b5a8a35e5abc97.exe
    "C:\Users\Admin\AppData\Local\Temp\a2a3fae58157737b668eb134cc8c3e0b929094ae2defeb3c92b5a8a35e5abc97.exe"
    1⤵
      PID:2824

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2824-1-0x00000000000C0000-0x00000000000D3000-memory.dmp

      Filesize

      76KB

      Download

    • memory/2824-0-0x000000013FB00000-0x000000013FB47000-memory.dmp

      Filesize

      284KB

      Download