metasploit | 0ed40d6fbc9cce74ab7a04a5badae7da | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0ed40d6fbc9cce74ab7a04a5badae7da
Size

387KB
MD5

0ed40d6fbc9cce74ab7a04a5badae7da
SHA1

0441e8bda3595186422bcc1dccc8832e74ae3c9a
SHA256

e99541c1d741b5f41fdc4acce686a4104dbac2fa7515d096dc349162063f93f2
SHA512

a07c5b08682f28f8f9540fd0d0343a19a2e3fb96ed2c624b3c2c7fa2a98fc58e18aabea28db02ce2424ed3c154449a355c69c91583647eeaeb8bd821dc0dcdd5
SSDEEP

12288:ZQPA6krEJBUWNtDjLcnKNalKv1V0pjq1GK:ZQiWNtD/qzAP0Nq13

Score

10^/10

metasploit

Malware Config

Extracted

Family

metasploit

Version

encoder/call4_dword_xor

Signatures

Metasploit family
metasploit

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ed40d6fbc9cce74ab7a04a5badae7da

Files

0ed40d6fbc9cce74ab7a04a5badae7da
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 303KB - Virtual size: 302KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 102KB - Virtual size: 742KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 30KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE