metasploit | 0ce4a54054f46b779e57efe626bdf09934f7131634a4b072efbfb2a3cc665bc5

Sharing

Copy URL

Twitter E-mail

General

Target

0ce4a54054f46b779e57efe626bdf09934f7131634a4b072efbfb2a3cc665bc5
Size

829KB
MD5

4e06375eab07f84dbb43df1d8b036f0e
SHA1

2f371336c4c5d460151f9b1217a4c7e859513817
SHA256

0ce4a54054f46b779e57efe626bdf09934f7131634a4b072efbfb2a3cc665bc5
SHA512

a71a8276ced073b2de2762d5b548e4d598bfb3d8f87ed5b7d2767569a3ce1193a9850605ed61bc1a3aa20f41bb8c6980b0064323e2b0f43390687050cc61949e
SSDEEP

24576:X6T56P7zY0yzku5tCP3YPKOWT5UanW6Mb6zki:A8zmQuPCP3YxMua25i

Score

10^/10

metasploit

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/reverse_tcp

112.74.105.11:1438

Signatures

Metasploit family
metasploit

Files

0ce4a54054f46b779e57efe626bdf09934f7131634a4b072efbfb2a3cc665bc5
.zip
webɨ��/Interop.SHDocVw.dll
.dll windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 140KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
webɨ��/WebCruiser20220804.log
webɨ��/WebCruiser20220805.log
webɨ��/WebCruiser20220806.log
webɨ��/WebCruiserWVS.Patched.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 608KB - Virtual size: 608KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
webɨ��/WebCruise��İ�.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 784KB - Virtual size: 784KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
webɨ��/combo.txt
webɨ��/password.txt
webɨ��/username.txt

Sharing

General

Malware Config

Extracted

Extracted

Signatures

Files

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 140KB - Virtual size: 136KB

.rsrc Size: 4KB - Virtual size: 824B

.reloc Size: 4KB - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 608KB - Virtual size: 608KB

.rsrc Size: 18KB - Virtual size: 18KB

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 784KB - Virtual size: 784KB

.rsrc Size: 18KB - Virtual size: 18KB

.reloc Size: 512B - Virtual size: 512B

.text
Size: 140KB - Virtual size: 136KB

.rsrc
Size: 4KB - Virtual size: 824B

.reloc
Size: 4KB - Virtual size: 12B

.text
Size: 608KB - Virtual size: 608KB

.rsrc
Size: 18KB - Virtual size: 18KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 784KB - Virtual size: 784KB

.rsrc
Size: 18KB - Virtual size: 18KB

.reloc
Size: 512B - Virtual size: 512B