metasploit | 58172dca112b9ac8ab686a2b65205a0618fecd85a227b9f271ffc907f863208a | Triage

Submit
Reports

Overview

overview

Static

static

58172dca11...8a.dll

windows7-x64

58172dca11...8a.dll

windows10-2004-x64

8

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

58172dca112b9ac8ab686a2b65205a0618fecd85a227b9f271ffc907f863208a.dll

Resource

win7-20220718-en

metasploit backdoor trojan

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

58172dca112b9ac8ab686a2b65205a0618fecd85a227b9f271ffc907f863208a.dll

Resource

win10v2004-20220721-en

windows10-2004-x64

3 signatures

150 seconds

General

Target

58172dca112b9ac8ab686a2b65205a0618fecd85a227b9f271ffc907f863208a
Size

14KB
MD5

4a35670f74dedc80a63800b7a6359325
SHA1

a3e091ce807da2572fba42385330c72f99272548
SHA256

58172dca112b9ac8ab686a2b65205a0618fecd85a227b9f271ffc907f863208a
SHA512

0bc530960e7e8e61d392cc8ea4c35ea555eb51f15becb0ed8a4d9cc37c39a5b632d2a78a4f96f5e792216609e7ddcabfb3f99bc3150cebfbdfff95bf36627c6f
SSDEEP

48:6D640H+VzPiZerMpZytjWeyLhnhIAsYBlnfNJo9Ke3HAhHeq0JEI0oqtIzNi:WmHGzq6tjW33XlfNT6HAhsJNcy

Score

10^/10

metasploit

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://88.190.215.7:443/aWn6

Signatures

Metasploit family
metasploit

Files

58172dca112b9ac8ab686a2b65205a0618fecd85a227b9f271ffc907f863208a
.dll windows x86

0b7b4c8fba119fc8ba64403e1ce2bcf1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CloseHandle
CreateMutexA
CreateProcessA
GetLastError
GetModuleHandleA
GetProcAddress
GetThreadContext
ResumeThread
SetThreadContext
VirtualAllocEx
WriteProcessMemory

msvcrt

__dllonexit
_errno
fflush
free
malloc
memset

Exports

Exports

DllMain@12

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 68B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 212B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy