metasploit | 132fa71af952927e1961f735e68ae38a3305e7ae8d7197c170d071f74db60d1c

Sharing

Copy URL

Twitter E-mail

General

Target

132fa71af952927e1961f735e68ae38a3305e7ae8d7197c170d071f74db60d1c
Size

9KB
MD5

9aa5b004ace48663e5344aa4022a875b
SHA1

0ad881ae9ecb6029b2d9e7766b1ffa3420f9b15f
SHA256

132fa71af952927e1961f735e68ae38a3305e7ae8d7197c170d071f74db60d1c
SHA512

2833e26e5409381b606b059a1095978ef2038aba843c1c53e05a5c302e9a5d695b1f37117f83820f27a7325b0084066530863c478f7fcb87f604136996f1f982
SSDEEP

96:DTAmpla/4ou1IBgsqRwqG5CFSDAKgd668Rr3kSE5pz6P9qRxSpA9:DLmhuCDqG5CSsd6hT7E5pz6P9qGpw

Score

10^/10

metasploit

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

http://213.227.154.92:8080/jquery-3.3.1.slim.min.js

Signatures

Metasploit family
metasploit

Files

132fa71af952927e1961f735e68ae38a3305e7ae8d7197c170d071f74db60d1c
.exe windows x86

3a32f7ae861b4175c54a9a940dc688ba

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeConsole
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetModuleHandleW

vcruntime140

_except_handler4_common
memset

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_initialize_onexit_table
_register_onexit_function
_c_exit
_crt_atexit
_controlfp_s
terminate
_cexit
_register_thread_local_exe_atexit_callback
__p___argv
__p___argc
_exit
_initterm
_get_initial_narrow_environment
_initialize_narrow_environment
_configure_narrow_argv
_set_app_type
_seh_filter_exe
exit

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__p__commode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_set_new_mode

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 324B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

3a32f7ae861b4175c54a9a940dc688ba

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-heap-l1-1-0

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 912B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 512B - Virtual size: 324B

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 912B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 512B - Virtual size: 324B