metasploit | 29cc00ff675ede7425a49d9777d6af8d1cbf87c862166565e1ec4034b5e12cab | Triage

Sharing

Copy URL Twitter E-mail

General

Target

29cc00ff675ede7425a49d9777d6af8d1cbf87c862166565e1ec4034b5e12cab
Size

9KB
MD5

fa8245ebe2552158d4505f19b38015d3
SHA1

a588113026d4c72204e4ab9d5efbb4d90f66881f
SHA256

29cc00ff675ede7425a49d9777d6af8d1cbf87c862166565e1ec4034b5e12cab
SHA512

13a7c4ddeee367b590aa633bd45c2a766034f11f6b2c8e103c399b09fa01cabcc87c1eaa81d3cca7f09653468a0d0852fef6bda6c0ab48754a678219c1b63a3e
SSDEEP

48:q0kV3zU9G4aNVh7XphlhEF57/nGhZoEsCibOE:vDIK6oEs

Score

10^/10

metasploit

Malware Config

Extracted

Family

metasploit

Version

windows/exec

Signatures

Metasploit family
metasploit

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29cc00ff675ede7425a49d9777d6af8d1cbf87c862166565e1ec4034b5e12cab

Files

29cc00ff675ede7425a49d9777d6af8d1cbf87c862166565e1ec4034b5e12cab
.dll windows:6 windows x86 arch:x86

57d6e7112c8e716cfe2eb0ff9f36763c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
ReleaseSemaphore
WaitForSingleObject
CreateEventA
OpenEventA
ExitThread
ResumeThread
CreateProcessA
GetThreadContext
SetThreadContext
VirtualAllocEx
WriteProcessMemory
CreateSemaphoreA

Sections

.text
Size: 1024B - Virtual size: 661B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ