metasploit | 0a7a752149d1c68462bf83499608cbb8e08ff88fc8031a092f1ceeb836e007b7

Sharing

Copy URL

Twitter E-mail

General

Target

0a7a752149d1c68462bf83499608cbb8e08ff88fc8031a092f1ceeb836e007b7
Size

164KB
MD5

6175a802e7275e74c2b218ba64bb15d5
SHA1

5a5c1271bd57a93bcec90c6009745dcf063214b5
SHA256

0a7a752149d1c68462bf83499608cbb8e08ff88fc8031a092f1ceeb836e007b7
SHA512

93c120857fa5b78cb639fa4910d96c2468b5dd4dd7ae955ed0b6d3b91737cbf29939b5e1287c0467fbb34e58950f4c5205f3a708971d06fd8d5d888d9ed97f0f
SSDEEP

3072:fwPARSBZC6HgXCUs8EIqO295RnejMofH0:7IFHgXCatIrnej3H0

Score

10^/10

metasploit

Malware Config

Extracted

Family

metasploit

Version

encoder/fnstenv_mov

Signatures

Metasploit family
metasploit

Files

0a7a752149d1c68462bf83499608cbb8e08ff88fc8031a092f1ceeb836e007b7
.exe windows x86

79e5523355a37ea359c7a509ecdbbcff

Code Sign

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSACleanup
WSAStartup
ioctlsocket
bind
listen
accept
inet_addr
htons
connect
setsockopt
recv
closesocket
socket
send
select
__WSAFDIsSet

kernel32

GetLocaleInfoA
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetLastError
Sleep
CreateThread
GetModuleFileNameA
ExitThread
LeaveCriticalSection
EnterCriticalSection
GetTickCount
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetLocalTime
QueryPerformanceCounter
QueryPerformanceFrequency
ExitProcess
CreateProcessA
CloseHandle
WriteFile
CreateFileA
GetSystemDirectoryA
LoadLibraryA
GetProcAddress
GetModuleHandleA
FormatMessageA
GlobalUnlock
GlobalLock
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
SetFileTime
GetFileTime
ExpandEnvironmentStringsA
SetFileAttributesA
GetFileAttributesA
GetTempPathA
WideCharToMultiByte
MultiByteToWideChar
GetComputerNameA
GetCurrentProcess
TerminateProcess
OpenProcess
GetVersionExA
GetLogicalDrives
DeleteFileA
GetCurrentProcessId
CopyFileA
WaitForSingleObject
CreateMutexA
MoveFileA
GlobalMemoryStatus
GetTimeFormatA
GetDateFormatA
TerminateThread
HeapAlloc
HeapFree
RtlUnwind
HeapReAlloc
GetTimeZoneInformation
GetSystemTime
GetStartupInfoA
GetCommandLineA
GetVersion
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
RaiseException
HeapSize
ReadFile
LCMapStringA
LCMapStringW
GetCPInfo
GetACP
GetOEMCP
SetFilePointer
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings

Sections

.text
Size: 124KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 418KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Extracted

Signatures

Files

79e5523355a37ea359c7a509ecdbbcff

Code Sign

Headers

File Characteristics

Imports

ws2_32

kernel32

Sections

.text Size: 124KB - Virtual size: 123KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 32KB - Virtual size: 418KB

.text
Size: 124KB - Virtual size: 123KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 32KB - Virtual size: 418KB