metasploit | 97f82065b4eaeacf983dc9758bd504f2928ce7c6128e20de6d66b57b40d5507e | Triage

Submit
Reports

Overview

overview

Static

static

97f82065b4...7e.exe

windows7-x64

1

97f82065b4...7e.exe

windows10-2004-x64

1

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

97f82065b4eaeacf983dc9758bd504f2928ce7c6128e20de6d66b57b40d5507e.exe

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

97f82065b4eaeacf983dc9758bd504f2928ce7c6128e20de6d66b57b40d5507e.exe

Resource

win10v2004-20220812-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

97f82065b4eaeacf983dc9758bd504f2928ce7c6128e20de6d66b57b40d5507e
Size

15KB
MD5

9f16494d61cb62c9142df8bc7546ca6a
SHA1

708bbbdb637b648dd88e9be67257ee9a332b8651
SHA256

97f82065b4eaeacf983dc9758bd504f2928ce7c6128e20de6d66b57b40d5507e
SHA512

3f9a41a90bfbc2f07c4cf34d66004b32c2f37449e9102afdba24e480f4346aee85e4ec0ea2fa82429d626894da82179426ec0b57aa8b730c2c9d94a425f400cb
SSDEEP

192:u+bTQBk4Alh9pBpbtQYQK5YouI125t+c7b:xbn4Aj9pBpbwK5YvI1wnb

Score

10^/10

metasploit

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

192.168.10.157:4444

Signatures

Metasploit family
metasploit

Files

97f82065b4eaeacf983dc9758bd504f2928ce7c6128e20de6d66b57b40d5507e
.exe windows x86

b093b9b6223af7f9e72d34d8765aa77f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegisterServiceCtrlHandlerA
SetServiceStatus
StartServiceCtrlDispatcherA

kernel32

CloseHandle
CreateProcessA
ExitProcess
GetThreadContext
ResumeThread
SetThreadContext
VirtualAllocEx
WriteProcessMemory

msvcrt

memset

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 48B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2024

Terms | Privacy