metasploit | 21854b94c1fa0ac347a0bfc4eb84eacb | Triage

Sharing

General

Target

21854b94c1fa0ac347a0bfc4eb84eacb
Size

10KB
MD5

21854b94c1fa0ac347a0bfc4eb84eacb
SHA1

8af41368d6a388ca1f317e02ed3ddaf06b475264
SHA256

38a0fbd15bd4c69b4ba9bcae614c33548219d8fd4eb10234187c96863ea4dc9a
SHA512

c2ff5832b23b146543623eceb82710974e3734141c304144852d02dbeb266cedf6fb9dc4ce0cee33a5c580e8bc8e8d82015e248b94b9e241c5ffc8324b53b26b
SSDEEP

192:rBdzy6yV6qECZ0Gg95BsCTHJRlh3gtBjRslVY:rK6jqVZPg95BswpRnwtPs3

Score

10^/10

metasploit

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Signatures

Metasploit family
metasploit

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
21854b94c1fa0ac347a0bfc4eb84eacb

Files

21854b94c1fa0ac347a0bfc4eb84eacb
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ