Static task
static1
Behavioral task
behavioral1
Sample
0f49e2c3ecf711a00699be0c123d34eb3dcdead5d0dc8ebe80af66b200649729.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
0f49e2c3ecf711a00699be0c123d34eb3dcdead5d0dc8ebe80af66b200649729.exe
Resource
win10v2004-20220414-en
General
Target
0f49e2c3ecf711a00699be0c123d34eb3dcdead5d0dc8ebe80af66b200649729
Size
7KB
MD5
22353e561f4a153b5e6bc7265081964c
SHA1
0f92b6262112e7dd13b4cc05d3826ae9df6274c9
SHA256
0f49e2c3ecf711a00699be0c123d34eb3dcdead5d0dc8ebe80af66b200649729
SHA512
784e98e17fcd0878fe8bc3e18440cb7be4d8c89f6e2bc9e935f101897103747da565cb2c39c29e446bd51369d0650d0689a2919603f36853422ac8418b829238
SSDEEP
24:eFGStrJ9u0/6evHnZdkBQAVoaYNq9KZqWxIeNDMSCvOb4pmB:is07vjkBQVts982SD9C2HB
Malware Config
Extracted
metasploit
metasploit_stager
187.74.75.191:3537
Signatures
Metasploit family
Files
0f49e2c3ecf711a00699be0c123d34eb3dcdead5d0dc8ebe80af66b200649729.exe windows x64
b4c6fff030479aa3b12625be67bf4914
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
VirtualAlloc
ExitProcess
Sections
.text Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 132B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.mwpr Size: 1024B - Virtual size: 632B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE