Behavioral task
behavioral1
Sample
df5360f04c51ba57fc4e4c9b609275a2b87bd61a0f0126f49986014085fc405cN.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
df5360f04c51ba57fc4e4c9b609275a2b87bd61a0f0126f49986014085fc405cN.exe
Resource
win10v2004-20241007-en
General
-
Target
df5360f04c51ba57fc4e4c9b609275a2b87bd61a0f0126f49986014085fc405cN.exe
-
Size
7KB
-
MD5
831eefa771001a763213c22ac780ce80
-
SHA1
80c8c79252b33d1fcaa7160130608bc56e10ad09
-
SHA256
df5360f04c51ba57fc4e4c9b609275a2b87bd61a0f0126f49986014085fc405c
-
SHA512
5ba4937cfdb55a261b20946ea2e7fc25e410dc1f0cb75c2e1883ba55e23ed92630417da51ae286a8f18f7dbb8533838162b88aea184be0192bf581b918ed3678
-
SSDEEP
24:eFGStrJ9u0/6WvlxnZdkBQAVv1Yh7YKLq0eNDMSCvOXpmB:is0HvjkBQYqh0USD9C2kB
Malware Config
Extracted
metasploit
metasploit_stager
10.0.2.14:443
Signatures
-
Metasploit family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource df5360f04c51ba57fc4e4c9b609275a2b87bd61a0f0126f49986014085fc405cN.exe
Files
-
df5360f04c51ba57fc4e4c9b609275a2b87bd61a0f0126f49986014085fc405cN.exe.exe windows:4 windows x64 arch:x64
b4c6fff030479aa3b12625be67bf4914
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
VirtualAlloc
ExitProcess
Sections
.text Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 132B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.unfq Size: 1024B - Virtual size: 632B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE