metasploit | e179df52f9f3d3109c26d1a306153fc82b7f1c0ca3751646e9313caa15e858d4

General

Target

e179df52f9f3d3109c26d1a306153fc82b7f1c0ca3751646e9313caa15e858d4
Size

24KB
MD5

6ccf2cfe2d36b8ed11b20cd4172aecd0
SHA1

8f6aa511eeab10ad8e378363ebed7af0a6351820
SHA256

e179df52f9f3d3109c26d1a306153fc82b7f1c0ca3751646e9313caa15e858d4
SHA512

082ebf5af4cc0548423e736bc00085e28b14fdceb18bd7ff62d2e50de3b5b237f79560c9d98dc5e7ea13c79c6c3d095bfa804edca927d517ea15152b72aff76c
SSDEEP

192:pVYMLG8ulZY83nX8CPdmzRP6rkfDT2gz3qqa1OEzAVy9e7p3psbB6vf994UHQrZU:pUZZb3X7E3qN1dD9e7p3GbRLqj

Score

10^/10

metasploit

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

192.168.46.100:443

Signatures

Metasploit family
metasploit

Files

e179df52f9f3d3109c26d1a306153fc82b7f1c0ca3751646e9313caa15e858d4
.exe windows x86

d239a08c0e74fc20f701cd9c0e71c027

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
ExitProcess
GetLastError
GetModuleHandleA
GetProcAddress
InitializeCriticalSection
LeaveCriticalSection
SetUnhandledExceptionFilter
TlsGetValue
VirtualProtect
VirtualQuery

msvcrt

__getmainargs
__p__environ
__p__fmode
__set_app_type
_cexit
_iob
_onexit
_setmode
abort
atexit
calloc
free
fwrite
memcpy
signal
vfprintf

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 276B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 120B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 868B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Extracted

Extracted

Signatures

Files

d239a08c0e74fc20f701cd9c0e71c027

Headers

File Characteristics

Imports

kernel32

msvcrt

Sections

.text Size: 3KB - Virtual size: 3KB

.data Size: 2KB - Virtual size: 2KB

.rdata Size: 512B - Virtual size: 276B

.eh_fram Size: 1KB - Virtual size: 1KB

.bss Size: - Virtual size: 120B

.idata Size: 1024B - Virtual size: 868B

.CRT Size: 512B - Virtual size: 24B

.tls Size: 512B - Virtual size: 32B

.text
Size: 3KB - Virtual size: 3KB

.data
Size: 2KB - Virtual size: 2KB

.rdata
Size: 512B - Virtual size: 276B

.eh_fram
Size: 1KB - Virtual size: 1KB

.bss
Size: - Virtual size: 120B

.idata
Size: 1024B - Virtual size: 868B

.CRT
Size: 512B - Virtual size: 24B

.tls
Size: 512B - Virtual size: 32B