metasploit | 192bcac9c38be70a3e627b333731bab0N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

192bcac9c38be70a3e627b333731bab0N.exe
Size

94KB
MD5

192bcac9c38be70a3e627b333731bab0
SHA1

51e93b02ff981c60e2f6ef7bd724a7b7d0fd38bb
SHA256

496d31575d4a9b8da67212ee862d754ac09612b8dd259d5f0e3a8654d924f2bc
SHA512

8a2336a6b1f7052ef4907b58a589ecb20fe3fe97ac3d1f939b51516fd54bab487e218f51c91477611f03c4bf4b81d6e5ba89f9bcd22de6706109f5427e66cbed
SSDEEP

1536:dxeFZ9iVPqPrLE8TjJpGoDIg+4z+jM94gqu2zLALPzRmDKq:dAFPip0rw83GoDIyRmeq

Score

10^/10

metasploit

Malware Config

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

192.168.0.15:443

Signatures

Metasploit family
metasploit

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
192bcac9c38be70a3e627b333731bab0N.exe

Files

192bcac9c38be70a3e627b333731bab0N.exe
.exe windows:4 windows x86 arch:x86

2fe95afa932d4b1f14f75000243d26de

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
ExitProcess
GetCommandLineA
GetLastError
GetModuleHandleA
GetProcAddress
GetStartupInfoA
InitializeCriticalSection
LeaveCriticalSection
SetUnhandledExceptionFilter
TlsGetValue
VirtualProtect
VirtualQuery

msvcrt

_strdup
_stricoll
__getmainargs
__p__environ
__p__fmode
__set_app_type
_cexit
_errno
_findclose
_findfirst
_findnext
_fullpath
_iob
_onexit
_setmode
abort
atexit
calloc
free
fwrite
isspace
malloc
mbstowcs
memcpy
realloc
setlocale
signal
strcoll
strlen
strncpy
tolower
vfprintf
wcstombs

user32

CreateWindowExA
DefWindowProcA
DispatchMessageA
GetMessageA
LoadCursorA
LoadIconA
PostQuitMessage
RegisterClassExA
TranslateMessage

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 712B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 124B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/14
Size: 512B - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/29
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/41
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/55
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/67
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/78
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/89
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

2fe95afa932d4b1f14f75000243d26de

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

Sections

.text Size: 11KB - Virtual size: 10KB

.data Size: 512B - Virtual size: 16B

.rdata Size: 1024B - Virtual size: 712B

/4 Size: 2KB - Virtual size: 2KB

.bss Size: - Virtual size: 124B

.idata Size: 2KB - Virtual size: 1KB

.CRT Size: 512B - Virtual size: 24B

.tls Size: 512B - Virtual size: 32B

/14 Size: 512B - Virtual size: 472B

/29 Size: 26KB - Virtual size: 25KB

/41 Size: 6KB - Virtual size: 5KB

/55 Size: 5KB - Virtual size: 5KB

/67 Size: 512B - Virtual size: 140B

/78 Size: 10KB - Virtual size: 9KB

/89 Size: 1KB - Virtual size: 1KB

.text
Size: 11KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 16B

.rdata
Size: 1024B - Virtual size: 712B

/4
Size: 2KB - Virtual size: 2KB

.bss
Size: - Virtual size: 124B

.idata
Size: 2KB - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 24B

.tls
Size: 512B - Virtual size: 32B

/14
Size: 512B - Virtual size: 472B

/29
Size: 26KB - Virtual size: 25KB

/41
Size: 6KB - Virtual size: 5KB

/55
Size: 5KB - Virtual size: 5KB

/67
Size: 512B - Virtual size: 140B

/78
Size: 10KB - Virtual size: 9KB

/89
Size: 1KB - Virtual size: 1KB