metasploit | 5e9a225092478d3f2b89a269405e037fcda8fff901442f4d1555012652c6aa44 | Triage

Submit
Reports

Overview

overview

Static

static

5e9a225092...44.dll

windows7-x64

5e9a225092...44.dll

windows10-2004-x64

8

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

5e9a225092478d3f2b89a269405e037fcda8fff901442f4d1555012652c6aa44.dll

Resource

win7-20220718-en

metasploit backdoor trojan

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

5e9a225092478d3f2b89a269405e037fcda8fff901442f4d1555012652c6aa44.dll

Resource

win10v2004-20220721-en

windows10-2004-x64

3 signatures

150 seconds

General

Target

5e9a225092478d3f2b89a269405e037fcda8fff901442f4d1555012652c6aa44
Size

5KB
MD5

0b324c7e60d9a207a834338e026f83c2
SHA1

d6b82a45fb4df63f3bc46c1925d8134dbe7b1419
SHA256

5e9a225092478d3f2b89a269405e037fcda8fff901442f4d1555012652c6aa44
SHA512

15e0f149b26a004d3633a080fceaa4f72ab56180da81df037e6460d2105f0b9aeb7249efd528a6df2e2cb014a706fd122aac0a38982c84f4462563bf2b3637f8
SSDEEP

24:ev1GSFGFajE/K3tQ3zSaJ2IkM6Pv617s3h/LjpKpuMAmwyhZoK3ly:qFGFajFK3zSIe7h/TMXhZoKE

Score

10^/10

metasploit

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

79.21.107.93:4444

Signatures

Metasploit family
metasploit

Files

5e9a225092478d3f2b89a269405e037fcda8fff901442f4d1555012652c6aa44
.dll windows x86

22647e5b96f2de81d003f25d98d7d2dc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
ExitThread
ResumeThread
CreateProcessA
GetThreadContext
SetThreadContext
VirtualAllocEx
WriteProcessMemory

Sections

.text
Size: 512B - Virtual size: 338B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 268B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2024

Terms | Privacy