metasploit | 89b28a10985c06a23a2cb3060a91e785e7eccecfb9c2f6cdd58af9b5fb40392e | Triage

Submit
Reports

Overview

overview

Static

static

89b28a1098...2e.exe

windows7-x64

89b28a1098...2e.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

89b28a10985c06a23a2cb3060a91e785e7eccecfb9c2f6cdd58af9b5fb40392e.exe

Resource

win7-20221111-en

metasploit backdoor trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

89b28a10985c06a23a2cb3060a91e785e7eccecfb9c2f6cdd58af9b5fb40392e.exe

Resource

win10v2004-20221111-en

metasploit backdoor trojan

windows10-2004-x64

12 signatures

150 seconds

General

Target

89b28a10985c06a23a2cb3060a91e785e7eccecfb9c2f6cdd58af9b5fb40392e
Size

40KB
MD5

8572d9367ca91f14abb88ebfe493d8e9
SHA1

6c30792d21c044c8aed68c555332af1fb32dd58f
SHA256

89b28a10985c06a23a2cb3060a91e785e7eccecfb9c2f6cdd58af9b5fb40392e
SHA512

a1c6eb2dbef272c98d6a346ebc8d3a656261fe2deaf29cde80a20582c7384032f39a59d08e06fdab5693c2002e444bbcc6e42aa7e6911417c4a0a1d6e06ebe5b
SSDEEP

768:0F62kEs+ufHR5IsDLSc+CpsrpOtjRLRkftLRkfT:9EaVZYpuuftufT

Score

10^/10

metasploit

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

121.166.146.187:80

Signatures

Metasploit family
metasploit

Files

89b28a10985c06a23a2cb3060a91e785e7eccecfb9c2f6cdd58af9b5fb40392e
.exe windows x86

ec0fd12ddc31ab199fd4cc6c243cf6d0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteA

kernel32

GetCommandLineA
GetCurrentProcessId
GetModuleFileNameA
GetModuleHandleA
CloseHandle
GetProcAddress
GetSystemDirectoryA
GetTempPathA
GetWindowsDirectoryA
LoadLibraryA
CreateFileA
ReadFile
RtlUnwind
SetFilePointer
WriteFile

advapi32

RegCloseKey
RegOpenKeyExA
RegSetValueExA

crtdll

__GetMainArgs
exit
free
malloc
memset
raise
rand
signal
srand
strcat
strchr
strncpy
time

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 596B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 160B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 924B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

© 2018-2025

Terms | Privacy