metasploit | ca624d70f4ca9ad38c3f009c84f7929255f2b294cb271147ab8bbe0ae15415dd

General

Target

ca624d70f4ca9ad38c3f009c84f7929255f2b294cb271147ab8bbe0ae15415dd
Size

1.5MB
MD5

80453ef3191733a42cddb271b882748b
SHA1

76991c495a3f47ff5b63b2a68994b16cb17bfe94
SHA256

ca624d70f4ca9ad38c3f009c84f7929255f2b294cb271147ab8bbe0ae15415dd
SHA512

116c4929d8072c36852403728645cc2bb9486dfccaa5e96c3581a117485c3d894dafdc80b16cb83dc41e61b0e487886b67089a40627dbadee7c1243dbc79fcf1
SSDEEP

24576:AzeCl2flV3Wiw3hrMT/eCk1IR0p/fQcTwYeYhKB4yHuAeSEY:AzeT3WLuLjmp/fzTwrY8uyHuAef

Score

10^/10

metasploit

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Signatures

Metasploit family
metasploit

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ca624d70f4ca9ad38c3f009c84f7929255f2b294cb271147ab8bbe0ae15415dd

Files

ca624d70f4ca9ad38c3f009c84f7929255f2b294cb271147ab8bbe0ae15415dd
.exe windows:4 windows x86 arch:x86

fb00b20d7d46225a900e83ef8e713a58

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

clientbase

ord1

Exports

Exports

??0_Mutex@std@@QAE@W4_Uninitialized@1@@Z
??4_Init_locks@std@@QAEAAV01@ABV01@@Z

Sections

.ace
Size: 676KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ace
Size: 390KB - Virtual size: 389KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ace
Size: 24KB - Virtual size: 210KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ace
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tvm0
Size: 26KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ace
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata2
Size: 512B - Virtual size: 151B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zoaj
Size: 196KB - Virtual size: 195KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

fb00b20d7d46225a900e83ef8e713a58

Headers

DLL Characteristics

File Characteristics

Imports

clientbase

Exports

Exports

Sections

.ace Size: 676KB - Virtual size: 1.5MB

.ace Size: 390KB - Virtual size: 389KB

.ace Size: 24KB - Virtual size: 210KB

.ace Size: 73KB - Virtual size: 72KB

.tvm0 Size: 26KB - Virtual size: 88KB

.ace Size: 50KB - Virtual size: 50KB

.edata2 Size: 512B - Virtual size: 151B

.zoaj Size: 196KB - Virtual size: 195KB

.rsrc Size: 73KB - Virtual size: 72KB

.ace
Size: 676KB - Virtual size: 1.5MB

.ace
Size: 390KB - Virtual size: 389KB

.ace
Size: 24KB - Virtual size: 210KB

.ace
Size: 73KB - Virtual size: 72KB

.tvm0
Size: 26KB - Virtual size: 88KB

.ace
Size: 50KB - Virtual size: 50KB

.edata2
Size: 512B - Virtual size: 151B

.zoaj
Size: 196KB - Virtual size: 195KB

.rsrc
Size: 73KB - Virtual size: 72KB