metasploit | 5a2017e7ea2706cef5890e24e045899617e9db39704344c2322edc88f4631101 | Triage

Submit
Reports

Overview

overview

Static

static

5a2017e7ea...01.exe

windows7_x64

1

5a2017e7ea...01.exe

windows10-2004_x64

1

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

5a2017e7ea2706cef5890e24e045899617e9db39704344c2322edc88f4631101.exe

Resource

win7-20220414-en

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

5a2017e7ea2706cef5890e24e045899617e9db39704344c2322edc88f4631101.exe

Resource

win10v2004-20220414-en

windows10-2004_x64

0 signatures

0 seconds

General

Target

5a2017e7ea2706cef5890e24e045899617e9db39704344c2322edc88f4631101
Size

883KB
MD5

4bd465654b8819fa8e183632ad4747bf
SHA1

63a32891957b91608290b51705b7b61f196de4a6
SHA256

5a2017e7ea2706cef5890e24e045899617e9db39704344c2322edc88f4631101
SHA512

7db61c1cb061ba8d5ba1433d8f770d8d60e4d49cb8e2cbcea33be573208416f8444dbe094e9abf552cb72805f4f62e7341d7ee2021170a4f39f5b2cba35c750c
SSDEEP

192:QFHBbpOpGqaw6b43vQO3ylHohxIBpPmBKDAXqxhbwfASkjyFozcCDG:mpkZvC9mBKDQExwfgeazrK

Score

10^/10

metasploit

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

192.168.2.102:443

Signatures

Metasploit family
metasploit

Files

5a2017e7ea2706cef5890e24e045899617e9db39704344c2322edc88f4631101
.exe windows x86

ae5588974bb6bf52ee5a7cf17c79de68

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

AddAtomA
ExitProcess
FindAtomA
GetAtomNameA
SetUnhandledExceptionFilter

msvcrt

__getmainargs
__p__environ
__p__fmode
__set_app_type
_cexit
_iob
_onexit
_setmode
abort
atexit
fflush
fprintf
free
malloc
memset
signal
strcat

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 736B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 862KB - Virtual size: 862KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 176B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 684B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy