metasploit | a72da25e03aedffcb43091717ef5296f1eb12414b9f822b6b717391f9dc98ad1 | Triage

Submit
Reports

Overview

overview

Static

static

a72da25e03...d1.exe

windows7-x64

1

a72da25e03...d1.exe

windows10-2004-x64

1

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

a72da25e03aedffcb43091717ef5296f1eb12414b9f822b6b717391f9dc98ad1.exe

Resource

win7-20220812-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

a72da25e03aedffcb43091717ef5296f1eb12414b9f822b6b717391f9dc98ad1.exe

Resource

win10v2004-20220901-en

windows10-2004-x64

0 signatures

150 seconds

General

Target

a72da25e03aedffcb43091717ef5296f1eb12414b9f822b6b717391f9dc98ad1
Size

32KB
MD5

c496e9777b9e4bb093d64fcb3d639de6
SHA1

16de70876cab6f034c479a769db868fe4b06b3f2
SHA256

a72da25e03aedffcb43091717ef5296f1eb12414b9f822b6b717391f9dc98ad1
SHA512

d01159e543276fd7d3aef9c7832c9cae75574ee79a7ab6efc8e4618cc924d50f51a300f0bd1ba0cea5b73f7d86af142db9e1294967d02ea5a12ae6f86d834a63
SSDEEP

768:++WZBziFCt8YdRp8/oM+rFigxpO3Xw18o:+liFCt8Yj46rFioM3Bo

Score

10^/10

metasploit

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

127.0.0.1:8080

Signatures

Metasploit family
metasploit

Files

a72da25e03aedffcb43091717ef5296f1eb12414b9f822b6b717391f9dc98ad1
.exe windows x86

1c264e3652590a8504b33a9551cf73b4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStrings
GetEnvironmentStringsW
GetCurrentThreadId
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
ReadFile
SetEndOfFile
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
GetLastError
CloseHandle
FlushFileBuffers
WriteFile
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
LoadLibraryA
VirtualAlloc
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
HeapAlloc
CreateFileA
HeapReAlloc
SetStdHandle
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
GetProcAddress

user32

GetKeyState
SetWindowsHookExA
GetMessageA
MapVirtualKeyA
GetKeyboardState
GetKeyboardLayout
ToAsciiEx
CallNextHookEx

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy