Behavioral task
behavioral1
Sample
705380c409bdbac109896591f7a76cbbb20a41f82d8a579391804df4db8bdeacN.dll
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
705380c409bdbac109896591f7a76cbbb20a41f82d8a579391804df4db8bdeacN.dll
Resource
win10v2004-20240802-en
General
-
Target
705380c409bdbac109896591f7a76cbbb20a41f82d8a579391804df4db8bdeacN
-
Size
4KB
-
MD5
fce90bbb477a9fcbfb9ccc0a6b141680
-
SHA1
ae28022d58cc44d4c6871e75f4863e2ed3d4f07e
-
SHA256
705380c409bdbac109896591f7a76cbbb20a41f82d8a579391804df4db8bdeac
-
SHA512
25602f65d04f2a1f939843f26a273c96f7d374909e2716cb5a513eda217c1ac276d8bcf7dd392a5bcb1085fe1dd1141d220d366611c7709362b8433b49119873
Malware Config
Extracted
metasploit
windows/reverse_http
http://89.38.98.120:443/Q1LjvSktnj741vnXpkJyRQvNWxWvXZrpG9BNr4ZMR40s5j4__akIr3IG1925RJ79u5thsiVCkVBTEgVZ09nL8HE_LODQyfeGGWfEONmtRBY9u2vAJC9S6B8VzAfj5A35-8WGOJI9AC2mwoGM91uObI23U6UpFPVIn6seBQz7rvdCnKbwrdJ3tORwfbd7I99O9ioKRns5t92FxlrYU9ZN6wulnLhuFH8r
Signatures
-
Metasploit family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 705380c409bdbac109896591f7a76cbbb20a41f82d8a579391804df4db8bdeacN
Files
-
705380c409bdbac109896591f7a76cbbb20a41f82d8a579391804df4db8bdeacN.dll windows:6 windows x86 arch:x86
67fdc237b514ec9fab9c4500917eb60f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
VirtualAlloc
Sections
.text Size: 512B - Virtual size: 162B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 378B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 656B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ