metasploit | 20a01af06e17d1cce126b9d37ff62d95dee45a72a38310db43118913e5742f02

Analysis

max time kernel
119s
max time network
120s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
27/03/2025, 19:13

Target

20a01af06e17d1cce126b9d37ff62d95dee45a72a38310db43118913e5742f02.exe
Size

575KB
MD5

a397478690cc72d5fec49904d2ae626c
SHA1

5c60ab8ef078b866be9cbbe278ca4efda6c38f3f
SHA256

20a01af06e17d1cce126b9d37ff62d95dee45a72a38310db43118913e5742f02
SHA512

4e74986ab6f799717b76b8f39a1a7efbde38067b8449970ac51e6f06146dccab513cb4a1fa3ee96cda65eae4fe4c5b9ecbe659fb21951e96755602d2e2e4ee6f
SSDEEP

12288:BRcrK8T20otDfbH1nwk3Ta77Hp0fWAUmBMmylc9vYFLSqoCy:BF420otlTh9vYFLSqoCy

Score

10^/10

Family

metasploit

Version

windows/download_exec

http://10.0.0.128:8899/OAxT

Attributes

headers User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0; NP06)

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit
Metasploit family
metasploit

C:\Users\Admin\AppData\Local\Temp\20a01af06e17d1cce126b9d37ff62d95dee45a72a38310db43118913e5742f02.exe
"C:\Users\Admin\AppData\Local\Temp\20a01af06e17d1cce126b9d37ff62d95dee45a72a38310db43118913e5742f02.exe"
1⤵
PID:1920

memory/1920-0-0x00000000000D0000-0x00000000000D1000-memory.dmp

Filesize
4KB

Download
memory/1920-1-0x000000013FDA0000-0x000000013FE29000-memory.dmp

Filesize
548KB

Download