Static task: static1
Behavioral task: behavioral1
Sample: 79d0bc8e9b422fd10bbb803186ef6584af335799a322261439563dc8f5c5eabc.exe
Resource: win7-20220414-en
Behavioral task: behavioral2
Sample: 79d0bc8e9b422fd10bbb803186ef6584af335799a322261439563dc8f5c5eabc.exe
Resource: win10v2004-20220414-en
General
Target: 79d0bc8e9b422fd10bbb803186ef6584af335799a322261439563dc8f5c5eabc
Size: 7KB
MD5: a95b5be8aa44ef6f9e111f9ec50285f9
SHA1: f02c441e8158833bc634260e5d6660346dca3b36
SHA256: 79d0bc8e9b422fd10bbb803186ef6584af335799a322261439563dc8f5c5eabc
SHA512: 8193d0086b63d7c0c825739ed22c86a6795a33bfa2b94b70796718da76e43144695ed02c529c6007053afd4b6ad24867da7a32bbebe402204ae0e076652e70d4
SSDEEP: 24:eFGStrJ9u0/6ukEZnZdkBQAVoaYNq9KZqyeNDMSCvOXpmB:is0/TkBQVts9cSD9C2kB
Malware Config
Extracted
metasploit
metasploit_stager
152.32.254.206:9033
Signatures
Metasploit family
Files
79d0bc8e9b422fd10bbb803186ef6584af335799a322261439563dc8f5c5eabc.exe windows x64
b4c6fff030479aa3b12625be67bf4914
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
VirtualAlloc
ExitProcess
Sections
.text Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 132B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.dgha Size: 1024B - Virtual size: 632B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE