metasploit | 1097226874c0310a98e97b9c8dfce86f4dc459d8faa8cd40ab5039aaaa579739

Sharing

Copy URL Twitter E-mail

General

Target

1097226874c0310a98e97b9c8dfce86f4dc459d8faa8cd40ab5039aaaa579739
Size

27KB
MD5

9830307f22a3e2ab770b6af1db29b0ce
SHA1

d9cf190b1b44aa937451731019e90693ed59027a
SHA256

1097226874c0310a98e97b9c8dfce86f4dc459d8faa8cd40ab5039aaaa579739
SHA512

47bf08100b1ad2dad3199508e06f4cde10995452be0ba5488dd39bf9d9174489bfbf16d06a1c152b7ae1f8dcc23c560aa8200a4eb950aba14a69c8795f98969f
SSDEEP

384:AqROzQcKoK48tx8TxeDC83uKDq+V+rwG6loexeWzoUPcoqAG:14zQio9Dqc+D9XW0UqX

Score

10^/10

metasploit

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

10.211.55.12:8877

Signatures

Metasploit family
metasploit

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1097226874c0310a98e97b9c8dfce86f4dc459d8faa8cd40ab5039aaaa579739

Files

1097226874c0310a98e97b9c8dfce86f4dc459d8faa8cd40ab5039aaaa579739
.dll windows x86

6a6f76a6cc66b8c8c1dec213f5584706

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetLastError
GetModuleHandleA
GetProcAddress
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
TlsGetValue
VirtualProtect
VirtualQuery

msvcrt

__dllonexit
_errno
_iob
abort
calloc
fflush
fwrite
malloc
vfprintf
free

Exports

Exports

buf
main

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 420B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 104B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 78B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 700B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/14
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/29
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/41
Size: 512B - Virtual size: 309B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/55
Size: 512B - Virtual size: 343B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

6a6f76a6cc66b8c8c1dec213f5584706

Headers

File Characteristics

Imports

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 420B

.rdata Size: 1024B - Virtual size: 1008B

/4 Size: 1KB - Virtual size: 1KB

.bss Size: - Virtual size: 104B

.edata Size: 512B - Virtual size: 78B

.idata Size: 1024B - Virtual size: 700B

.CRT Size: 512B - Virtual size: 24B

.tls Size: 512B - Virtual size: 32B

.reloc Size: 512B - Virtual size: 284B

/14 Size: 512B - Virtual size: 24B

/29 Size: 8KB - Virtual size: 7KB

/41 Size: 512B - Virtual size: 309B

/55 Size: 512B - Virtual size: 343B

.text
Size: 3KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 420B

.rdata
Size: 1024B - Virtual size: 1008B

/4
Size: 1KB - Virtual size: 1KB

.bss
Size: - Virtual size: 104B

.edata
Size: 512B - Virtual size: 78B

.idata
Size: 1024B - Virtual size: 700B

.CRT
Size: 512B - Virtual size: 24B

.tls
Size: 512B - Virtual size: 32B

.reloc
Size: 512B - Virtual size: 284B

/14
Size: 512B - Virtual size: 24B

/29
Size: 8KB - Virtual size: 7KB

/41
Size: 512B - Virtual size: 309B

/55
Size: 512B - Virtual size: 343B