metasploit | 25c18a2672d6a84e63ae0a4db2b663b5f6497eca797782241e319ec98e41d3c7

Sharing

Copy URL Twitter E-mail

General

Target

25c18a2672d6a84e63ae0a4db2b663b5f6497eca797782241e319ec98e41d3c7
Size

15KB
MD5

f5e6aa44989451ef3f6bff60c5bb62b4
SHA1

5752ff652e85a688901a9de2d9d11a381e6833c5
SHA256

25c18a2672d6a84e63ae0a4db2b663b5f6497eca797782241e319ec98e41d3c7
SHA512

bb39e8e3017be54c0336696624126c3d47a94474ab34ee18735c8b737e2e893d61822e089c4cc8352f8e5f62206526299dfa563b9c61a1b5645fc096549df6ac
SSDEEP

384:BA1aX1H97Z9UYL1WAbtZlumxlJlWDlgW:BvT/RLuoOl

Score

10^/10

metasploit

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

http://192.168.0.122:80/calc.exe

Signatures

Metasploit family
metasploit

Files

25c18a2672d6a84e63ae0a4db2b663b5f6497eca797782241e319ec98e41d3c7
.exe windows x86

8b1fc5c989964e6fc1675250748f63dc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_cexit
_XcptFilter
_exit
_c_exit

advapi32

RegDeleteValueA
RegOpenKeyExA
RegCloseKey
RegSetValueExA
RegCreateKeyA
RegCreateKeyExA

kernel32

lstrcpynA
lstrlenA
GetSystemDirectoryA
GetSystemWindowsDirectoryA
GetVersionExA
GetACP
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LocalFree
CloseHandle
ResetEvent
OpenEventA
CreateProcessA
lstrcatA
GetSystemInfo
lstrcmpiA
FreeLibrary
LoadLibraryA
CreateEventA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleHandleA
GetStartupInfoA
LocalAlloc
GetProcAddress

user32

EnumWindows
GetClassNameA
FindWindowA
PostMessageA
SetTimer
KillTimer
MsgWaitForMultipleObjects
PeekMessageA
TranslateMessage
DispatchMessageA
GetMessageA
SetWindowPos
LoadCursorA
RegisterClassExA
DefWindowProcA
PostQuitMessage
CreateWindowExA
GetSystemMetrics

msctf

TF_InitSystem
TF_GetGlobalCompartment
TF_InvalidAssemblyListCacheIfExist
TF_InvalidAssemblyListCache
TF_PostAllThreadMsg
TF_CreateCicLoadMutex
TF_UninitSystem

msutb

ClosePopupTipbar
GetPopupTipbar

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 528B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

8b1fc5c989964e6fc1675250748f63dc

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

kernel32

user32

msctf

msutb

Sections

.text Size: 11KB - Virtual size: 10KB

.data Size: 512B - Virtual size: 528B

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 11KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 528B

.rsrc
Size: 2KB - Virtual size: 2KB