Static task
static1
Behavioral task
behavioral1
Sample
b2f80c516207c691e18dd4a347146bee37d76e208a3745f6aa150dc4ff821336.exe
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
b2f80c516207c691e18dd4a347146bee37d76e208a3745f6aa150dc4ff821336.exe
Resource
win10v2004-20220414-en
General
Target
b2f80c516207c691e18dd4a347146bee37d76e208a3745f6aa150dc4ff821336
Size
4KB
MD5
d1c71f80a7ca3d8fd6eb25afd8685e54
SHA1
e17de42aabf98e65fa3e1bb5b0ad748f319b4c71
SHA256
b2f80c516207c691e18dd4a347146bee37d76e208a3745f6aa150dc4ff821336
SHA512
2fb0cad6f4fb56a0c6078d4fe60044fa27918a9a3e412255111d90efeef528a5ae0de81b5273e21b0e54d024bf81c7eafe771055b152001a04ee11354b291d56
SSDEEP
96:MgJBdZIQrAbXzTxZEXoh3Sw1DvxTdV31+Yj9gpIa:fZlrArztqXoh3SK7xpVlFJgpr
Malware Config
Extracted
metasploit
encoder/shikata_ga_nai
Extracted
metasploit
windows/reverse_tcp
192.168.86.59:3790
Signatures
Metasploit family
Files
b2f80c516207c691e18dd4a347146bee37d76e208a3745f6aa150dc4ff821336.exe windows x86
f9ade0aa18f660a34a4fa23392e21838
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
ExitProcess
Sections
.text Size: 512B - Virtual size: 40B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 100B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE