Static task
static1
Behavioral task
behavioral1
Sample
939e28ba7cdc334a9c97277f746615ad74bd6689fdf9b32f831dd60317643839.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
939e28ba7cdc334a9c97277f746615ad74bd6689fdf9b32f831dd60317643839.exe
Resource
win10v2004-20220414-en
General
-
Target
939e28ba7cdc334a9c97277f746615ad74bd6689fdf9b32f831dd60317643839
-
Size
7KB
-
MD5
6219aa7891a2671ac424e18c534e0d43
-
SHA1
9790ea02957028b95e6820d84a9f9b557dbcbdeb
-
SHA256
939e28ba7cdc334a9c97277f746615ad74bd6689fdf9b32f831dd60317643839
-
SHA512
54f42b69f4f45c79522a96725b856eef4ce2820423afa29acaf7c5216a7dd3c89335fd82f4ae0a16c8ad3a4ee7d2f8d99c36452cdca87e497cec2061e692eec2
-
SSDEEP
24:eFGStrJ9u0/6GWYT/RnZdkBQAVoaYNq9KZqveNDMSCvOXpmB:is0TWYTpkBQVts95SD9C2kB
Malware Config
Extracted
metasploit
metasploit_stager
149.28.21.217:8198
Signatures
-
Metasploit family
Files
-
939e28ba7cdc334a9c97277f746615ad74bd6689fdf9b32f831dd60317643839.exe windows x64
b4c6fff030479aa3b12625be67bf4914
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
VirtualAlloc
ExitProcess
Sections
.text Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 132B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.uxgu Size: 1024B - Virtual size: 632B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE