metasploit | 3c4aca78ea532ffbe20a71b1ae0e3864b15326ec47e56f93e2550e3709982b9b

Sharing

Copy URL Twitter E-mail

General

Target

3c4aca78ea532ffbe20a71b1ae0e3864b15326ec47e56f93e2550e3709982b9b
Size

1.0MB
MD5

08a595bd3b8deab1203d562bf239ba02
SHA1

c226b5bcb74d0e6feb70f794f8eb4c1d703716df
SHA256

3c4aca78ea532ffbe20a71b1ae0e3864b15326ec47e56f93e2550e3709982b9b
SHA512

dacf93ab4cc4a343593bfc16829235fb54be081fec8bd7b52eca997e4c895a1dd0b7c2e80b2ffd97343cd824e542a6ccb629580f16ed2a109adfd1f0faa67d60
SSDEEP

12288:eQpyGWP3Nnkqtya5SGB6yGWP3F3kqxr2l:eQMGWPRkqt/DGWPZkqx

Score

10^/10

metasploit

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Signatures

Metasploit family
metasploit

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c4aca78ea532ffbe20a71b1ae0e3864b15326ec47e56f93e2550e3709982b9b

Files

3c4aca78ea532ffbe20a71b1ae0e3864b15326ec47e56f93e2550e3709982b9b
.exe windows:4 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 8B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 8B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 337KB - Virtual size: 340KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.yqbb
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 337KB - Virtual size: 336KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PMmjXQfw
Size: 6KB - Virtual size: 6KB

HGFermsq
Size: 2KB - Virtual size: 2KB

vnzwkipg
Size: 34KB - Virtual size: 34KB

ZXOdDukO
Size: 9KB - Virtual size: 8KB

HTSoVUoF
Size: 2KB - Virtual size: 1KB

yAfADOmc
Size: 1024B - Virtual size: 1016B

dZbqXFzC
Size: 69KB - Virtual size: 69KB

TrwcRzEk
Size: 3KB - Virtual size: 3KB

uTQPTabd
Size: 31KB - Virtual size: 31KB

qmriDpIB
Size: 19KB - Virtual size: 19KB

Sharing

General

Malware Config

Extracted

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 8B - Virtual size: 4KB

.reloc Size: 8B - Virtual size: 4KB

.rsrc Size: 337KB - Virtual size: 340KB

.yqbb Size: 180KB - Virtual size: 180KB

.rsrc Size: 337KB - Virtual size: 336KB

PMmjXQfw Size: 6KB - Virtual size: 6KB

HGFermsq Size: 2KB - Virtual size: 2KB

vnzwkipg Size: 34KB - Virtual size: 34KB

ZXOdDukO Size: 9KB - Virtual size: 8KB

HTSoVUoF Size: 2KB - Virtual size: 1KB

yAfADOmc Size: 1024B - Virtual size: 1016B

dZbqXFzC Size: 69KB - Virtual size: 69KB

TrwcRzEk Size: 3KB - Virtual size: 3KB

uTQPTabd Size: 31KB - Virtual size: 31KB

qmriDpIB Size: 19KB - Virtual size: 19KB

.text
Size: 8B - Virtual size: 4KB

.reloc
Size: 8B - Virtual size: 4KB

.rsrc
Size: 337KB - Virtual size: 340KB

.yqbb
Size: 180KB - Virtual size: 180KB

.rsrc
Size: 337KB - Virtual size: 336KB

PMmjXQfw
Size: 6KB - Virtual size: 6KB

HGFermsq
Size: 2KB - Virtual size: 2KB

vnzwkipg
Size: 34KB - Virtual size: 34KB

ZXOdDukO
Size: 9KB - Virtual size: 8KB

HTSoVUoF
Size: 2KB - Virtual size: 1KB

yAfADOmc
Size: 1024B - Virtual size: 1016B

dZbqXFzC
Size: 69KB - Virtual size: 69KB

TrwcRzEk
Size: 3KB - Virtual size: 3KB

uTQPTabd
Size: 31KB - Virtual size: 31KB

qmriDpIB
Size: 19KB - Virtual size: 19KB