Behavioral task
behavioral1
Sample
3792e0261dc09bed6869e963aac25475fd6feaf4e8608a39ac80bc7650f2e7a7.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
3792e0261dc09bed6869e963aac25475fd6feaf4e8608a39ac80bc7650f2e7a7.exe
Resource
win10v2004-20220812-en
General
-
Target
3792e0261dc09bed6869e963aac25475fd6feaf4e8608a39ac80bc7650f2e7a7
-
Size
17KB
-
MD5
43a268b026969516ad1b6f05bae32520
-
SHA1
d020ed5f53b98853792b8d4be5b15c345fa9dd1a
-
SHA256
3792e0261dc09bed6869e963aac25475fd6feaf4e8608a39ac80bc7650f2e7a7
-
SHA512
90ac005c8a812bb0b94b52333370abf1a839b21ab458f2f0158cb72751bbf4d870c4d0114fd0c0ae320c0eb1528260f5170ae1e2538317023fa6f1a6306725e9
-
SSDEEP
384:gEleNlJdS1wKwHC7zkPKuScyJ/DLCYpWAxOjWL0:gXTskXS5J3CYa
Malware Config
Extracted
metasploit
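encoder/fnstenv_mov (Metasploit shellcode encoder; it indicates the embedded payload is encoded, not what the payload does)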
Extracted
metasploit
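windows/exec (Metasploit payload type that executes a single command line; the command string itself is not listed on this page and should be taken from the full extracted config or the behavioral task logs)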
Signatures
-
Metasploit family
Files
-
3792e0261dc09bed6869e963aac25475fd6feaf4e8608a39ac80bc7650f2e7a7.exe windows x86
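c81802188885a0373664502ae476c2aa (unlabelled on this page; it differs from the file MD5 listed above and is presumably the PE import hash — confirm before using it as an indicator)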
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
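Imports (static import table of the executable; Metasploit shellcode typically resolves the APIs it needs at runtime, so this list may describe the carrier program rather than the payload's behavior)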
kernel32
FormatMessageA
MoveFileA
DeleteFileA
GetLastError
GetProcAddress
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
GetLocalTime
LocalFree
IsDBCSLeadByteEx
SetThreadUILanguage
msvcrt
_cexit
__initenv
__getmainargs
_initterm
__setusermatherr
_write
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_close
_exit
_open
_c_exit
fprintf
_errno
atol
_strnicmp
_stricmp
free
malloc
isprint
fputs
strncpy
_itoa
atoi
_CIpow
calloc
sprintf
_getpid
time
exit
getc
_read
_stat
_iob
_dup
_fdopen
fopen
putc
_unlink
fclose
_XcptFilter
_access
_adjust_fdiv
ws2_32
socket
bind
getsockname
closesocket
recvfrom
getservbyname
getnameinfo
htons
ntohs
select
getaddrinfo
WSAStartup
freeaddrinfo
sendto
user32
CharNextExA
CharToOemBuffA
mswsock
s_perror
Sections
.text Size: 10KB - Virtual size: 9KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 684B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ