metasploit | 1538ed98f07b633e5e4bc50e7c0df879 | Triage

Sharing

General

Target

1538ed98f07b633e5e4bc50e7c0df879
Size

11KB
MD5

1538ed98f07b633e5e4bc50e7c0df879
SHA1

1812a1b93a6baf8ea731ba02c4a2ee925fb380e8
SHA256

3fcac180bbfaa51142f1dfa9ac2e6a9b71a6b111673eed362c35f1333b5ce783
SHA512

75c671d73495570cdcc0ff531289c8d1d5b61e728fc7d1b6d6933bacc5af47187d30405f60f031ba7ccd860937f8414e609825253e58e5f26894968579428493
SSDEEP

192:CxiAMAN0SGay9IQ6t93k55m4FFFQz6F90TZs1CM0n:sm5ay9IF3CQLswF

Score

10^/10

metasploit

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Signatures

Metasploit family
metasploit

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1538ed98f07b633e5e4bc50e7c0df879

Files

1538ed98f07b633e5e4bc50e7c0df879
.exe windows:4 windows x86 arch:x86

8b58a51c1fff9c4a944265c1fe0fab74

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

ExitProcess
GetModuleHandleA
GetProcAddress
SetUnhandledExceptionFilter

msvcrt

__getmainargs
__p__environ
__p__fmode
__set_app_type
_cexit
_iob
_onexit
_setmode
atexit
signal

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 908B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 52B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE