Behavioral task
behavioral1
Sample
c61f195fdac16c3bab45740033d4debf105cc9ca2124ee9595d28c93c0e70106.exe
Resource
win7-20231020-en
Behavioral task
behavioral2
Sample
c61f195fdac16c3bab45740033d4debf105cc9ca2124ee9595d28c93c0e70106.exe
Resource
win10v2004-20230915-en
General
-
Target
c61f195fdac16c3bab45740033d4debf105cc9ca2124ee9595d28c93c0e70106
-
Size
857KB
-
MD5
7766ca139da64219e53b4b56d6d8d676
-
SHA1
b13815eee6f2cabf5076e5f2e4b4699afdbe2ef2
-
SHA256
c61f195fdac16c3bab45740033d4debf105cc9ca2124ee9595d28c93c0e70106
-
SHA512
bba679a36ec53c8ad30feb73bd5065d14dad248e2a2608b6fbaef328ea7e300ed18a23e83f7f7e8c5a30146d085de568f49281aa883cc07bfcbb23697a200a5f
-
SSDEEP
6144:WQpyGuhPG7cNnkqi+Fzr/vy6ytyn5PtKtGBUDkTQIofyGuhPG7cF3kqC+F:WQpyGWP3Nnkqtya5SGB6yGWP3F3kq
Malware Config
Extracted
metasploit
encoder/shikata_ga_nai
Signatures
-
Metasploit family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c61f195fdac16c3bab45740033d4debf105cc9ca2124ee9595d28c93c0e70106
Files
-
c61f195fdac16c3bab45740033d4debf105cc9ca2124ee9595d28c93c0e70106.exe windows:4 windows x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 8B - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 8B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.rsrc Size: 337KB - Virtual size: 340KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.yqbb Size: 180KB - Virtual size: 180KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 337KB - Virtual size: 336KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ