Static task
static1
Behavioral task
behavioral1
Sample
f988cdf69822247eb38f7ef3afef5fbb39f506ca0730b3df815f42c40f67f31a.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
f988cdf69822247eb38f7ef3afef5fbb39f506ca0730b3df815f42c40f67f31a.exe
Resource
win10v2004-20220414-en
General
-
Target
f988cdf69822247eb38f7ef3afef5fbb39f506ca0730b3df815f42c40f67f31a.exe
-
Size
7KB
-
MD5
1864d1355bcb0bf18c2566ba153d327d
-
SHA1
2e88eea1969668780195734fb75de5827e329fc9
-
SHA256
f988cdf69822247eb38f7ef3afef5fbb39f506ca0730b3df815f42c40f67f31a
-
SHA512
5d3e564afd98ab21005862477ac95318752fb272e5a73f301f4fdd702a76c7e7508eb9c827bedaff618176cb9e0e809a8f01fde0c661adc50cc4d3464949bf3b
-
SSDEEP
24:eFGStrJ9u0/6yWnZdkBQAV2G1kw9KZqA0eNDMSCvOXpmB:is0LukBQW+w9ZSD9C2kB
Malware Config
Extracted
metasploit
metasploit_stager
192.168.159.169:6677
Signatures
-
Metasploit family
Files
-
f988cdf69822247eb38f7ef3afef5fbb39f506ca0730b3df815f42c40f67f31a.exe.exe windows x64
b4c6fff030479aa3b12625be67bf4914
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
VirtualAlloc
ExitProcess
Sections
.text Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 132B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.ctxr Size: 1024B - Virtual size: 632B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE