Source: unknown |
TCP traffic detected without corresponding DNS query: 185.228.139.123 |
Source: cracked.exe, type: SAMPLE |
Matched rule: Identifies the API address lookup function used by metasploit. Also used by other tools (like beacon). Author: unknown |
Source: cracked.exe, type: SAMPLE |
Matched rule: Identifies the API address lookup function leverage by metasploit shellcode Author: unknown |
Source: cracked.exe, type: SAMPLE |
Matched rule: Identifies the 64 bit API hashing function used by Metasploit. This has been re-used by many other malware families. Author: unknown |
Source: cracked.exe, type: SAMPLE |
Matched rule: Detects Meterpreter payload Author: ditekSHen |
Source: 0.0.cracked.exe.416000.1.unpack, type: UNPACKEDPE |
Matched rule: Identifies the API address lookup function used by metasploit. Also used by other tools (like beacon). Author: unknown |
Source: 0.0.cracked.exe.416000.1.unpack, type: UNPACKEDPE |
Matched rule: Identifies the API address lookup function leverage by metasploit shellcode Author: unknown |
Source: 0.0.cracked.exe.416000.1.unpack, type: UNPACKEDPE |
Matched rule: Identifies the 64 bit API hashing function used by Metasploit. This has been re-used by many other malware families. Author: unknown |
Source: 0.0.cracked.exe.416000.1.unpack, type: UNPACKEDPE |
Matched rule: Detects Meterpreter payload Author: ditekSHen |
Source: 0.2.cracked.exe.416000.1.raw.unpack, type: UNPACKEDPE |
Matched rule: Identifies the API address lookup function used by metasploit. Also used by other tools (like beacon). Author: unknown |
Source: 0.2.cracked.exe.416000.1.raw.unpack, type: UNPACKEDPE |
Matched rule: Identifies the API address lookup function leverage by metasploit shellcode Author: unknown |
Source: 0.2.cracked.exe.416000.1.raw.unpack, type: UNPACKEDPE |
Matched rule: Identifies the 64 bit API hashing function used by Metasploit. This has been re-used by many other malware families. Author: unknown |
Source: 0.2.cracked.exe.416000.1.raw.unpack, type: UNPACKEDPE |
Matched rule: Detects Meterpreter payload Author: ditekSHen |
Source: 0.0.cracked.exe.416000.1.raw.unpack, type: UNPACKEDPE |
Matched rule: Identifies the API address lookup function used by metasploit. Also used by other tools (like beacon). Author: unknown |
Source: 0.0.cracked.exe.416000.1.raw.unpack, type: UNPACKEDPE |
Matched rule: Identifies the API address lookup function leverage by metasploit shellcode Author: unknown |
Source: 0.0.cracked.exe.416000.1.raw.unpack, type: UNPACKEDPE |
Matched rule: Identifies the 64 bit API hashing function used by Metasploit. This has been re-used by many other malware families. Author: unknown |
Source: 0.0.cracked.exe.416000.1.raw.unpack, type: UNPACKEDPE |
Matched rule: Detects Meterpreter payload Author: ditekSHen |
Source: 0.2.cracked.exe.416000.1.unpack, type: UNPACKEDPE |
Matched rule: Identifies the API address lookup function used by metasploit. Also used by other tools (like beacon). Author: unknown |
Source: 0.2.cracked.exe.416000.1.unpack, type: UNPACKEDPE |
Matched rule: Identifies the API address lookup function leverage by metasploit shellcode Author: unknown |
Source: 0.2.cracked.exe.416000.1.unpack, type: UNPACKEDPE |
Matched rule: Identifies the 64 bit API hashing function used by Metasploit. This has been re-used by many other malware families. Author: unknown |
Source: 0.2.cracked.exe.416000.1.unpack, type: UNPACKEDPE |
Matched rule: Detects Meterpreter payload Author: ditekSHen |
Source: 0.0.cracked.exe.400000.0.unpack, type: UNPACKEDPE |
Matched rule: Identifies the API address lookup function used by metasploit. Also used by other tools (like beacon). Author: unknown |
Source: 0.0.cracked.exe.400000.0.unpack, type: UNPACKEDPE |
Matched rule: Identifies the API address lookup function leverage by metasploit shellcode Author: unknown |
Source: 0.0.cracked.exe.400000.0.unpack, type: UNPACKEDPE |
Matched rule: Identifies the 64 bit API hashing function used by Metasploit. This has been re-used by many other malware families. Author: unknown |
Source: 0.0.cracked.exe.400000.0.unpack, type: UNPACKEDPE |
Matched rule: Detects Meterpreter payload Author: ditekSHen |
Source: 0.2.cracked.exe.400000.0.unpack, type: UNPACKEDPE |
Matched rule: Identifies the API address lookup function used by metasploit. Also used by other tools (like beacon). Author: unknown |
Source: 0.2.cracked.exe.400000.0.unpack, type: UNPACKEDPE |
Matched rule: Identifies the API address lookup function leverage by metasploit shellcode Author: unknown |
Source: 0.2.cracked.exe.400000.0.unpack, type: UNPACKEDPE |
Matched rule: Identifies the 64 bit API hashing function used by Metasploit. This has been re-used by many other malware families. Author: unknown |
Source: 0.2.cracked.exe.400000.0.unpack, type: UNPACKEDPE |
Matched rule: Detects Meterpreter payload Author: ditekSHen |
Source: 0.2.cracked.exe.7a0000.2.unpack, type: UNPACKEDPE |
Matched rule: Identifies the API address lookup function used by metasploit. Also used by other tools (like beacon). Author: unknown |
Source: 0.2.cracked.exe.7a0000.2.unpack, type: UNPACKEDPE |
Matched rule: Identifies the API address lookup function leverage by metasploit shellcode Author: unknown |
Source: 0.2.cracked.exe.7a0000.2.unpack, type: UNPACKEDPE |
Matched rule: Identifies the 64 bit API hashing function used by Metasploit. This has been re-used by many other malware families. Author: unknown |
Source: 0.2.cracked.exe.7a0000.2.unpack, type: UNPACKEDPE |
Matched rule: Detects Meterpreter payload Author: ditekSHen |
Source: 00000000.00000002.2890880419.00000000007C7000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY |
Matched rule: Identifies the API address lookup function used by metasploit. Also used by other tools (like beacon). Author: unknown |
Source: 00000000.00000002.2890880419.00000000007C7000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY |
Matched rule: Identifies the API address lookup function leverage by metasploit shellcode Author: unknown |
Source: 00000000.00000002.2890880419.00000000007C7000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY |
Matched rule: Identifies the 64 bit API hashing function used by Metasploit. This has been re-used by many other malware families. Author: unknown |
Source: 00000000.00000002.2890648733.0000000000416000.00000080.00000001.01000000.00000003.sdmp, type: MEMORY |
Matched rule: Identifies the API address lookup function used by metasploit. Also used by other tools (like beacon). Author: unknown |
Source: 00000000.00000002.2890648733.0000000000416000.00000080.00000001.01000000.00000003.sdmp, type: MEMORY |
Matched rule: Identifies the API address lookup function leverage by metasploit shellcode Author: unknown |
Source: 00000000.00000002.2890648733.0000000000416000.00000080.00000001.01000000.00000003.sdmp, type: MEMORY |
Matched rule: Identifies the 64 bit API hashing function used by Metasploit. This has been re-used by many other malware families. Author: unknown |
Source: 00000000.00000002.2890648733.0000000000416000.00000080.00000001.01000000.00000003.sdmp, type: MEMORY |
Matched rule: Detects Meterpreter payload Author: ditekSHen |
Source: 00000000.00000000.1628130648.0000000000416000.00000080.00000001.01000000.00000003.sdmp, type: MEMORY |
Matched rule: Identifies the API address lookup function used by metasploit. Also used by other tools (like beacon). Author: unknown |
Source: 00000000.00000000.1628130648.0000000000416000.00000080.00000001.01000000.00000003.sdmp, type: MEMORY |
Matched rule: Identifies the API address lookup function leverage by metasploit shellcode Author: unknown |
Source: 00000000.00000000.1628130648.0000000000416000.00000080.00000001.01000000.00000003.sdmp, type: MEMORY |
Matched rule: Identifies the 64 bit API hashing function used by Metasploit. This has been re-used by many other malware families. Author: unknown |
Source: 00000000.00000000.1628130648.0000000000416000.00000080.00000001.01000000.00000003.sdmp, type: MEMORY |
Matched rule: Detects Meterpreter payload Author: ditekSHen |
Source: cracked.exe, type: SAMPLE |
Matched rule: Windows_Trojan_Metasploit_38b8ceec os = windows, severity = x86, description = Identifies the API address lookup function used by metasploit. Also used by other tools (like beacon)., creation_date = 2021-03-23, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Metasploit, fingerprint = 44b9022d87c409210b1d0807f5a4337d73f19559941660267d63cd2e4f2ff342, id = 38b8ceec-601c-4117-b7a0-74720e26bf38, last_modified = 2021-08-23 |
Source: cracked.exe, type: SAMPLE |
Matched rule: Windows_Trojan_Metasploit_7bc0f998 os = windows, severity = x86, description = Identifies the API address lookup function leverage by metasploit shellcode, creation_date = 2021-03-23, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Metasploit, fingerprint = fdb5c665503f07b2fc1ed7e4e688295e1222a500bfb68418661db60c8e75e835, id = 7bc0f998-7014-4883-8a56-d5ee00c15aed, last_modified = 2021-08-23 |
Source: cracked.exe, type: SAMPLE |
Matched rule: Windows_Trojan_Metasploit_c9773203 os = windows, severity = x86, description = Identifies the 64 bit API hashing function used by Metasploit. This has been re-used by many other malware families., creation_date = 2021-04-07, scan_context = file, memory, reference = https://github.com/rapid7/metasploit-framework/blob/04e8752b9b74cbaad7cb0ea6129c90e3172580a2/external/source/shellcode/windows/x64/src/block/block_api.asm, license = Elastic License v2, threat_name = Windows.Trojan.Metasploit, fingerprint = afde93eeb14b4d0c182f475a22430f101394938868741ffa06445e478b6ece36, id = c9773203-6d1e-4246-a1e0-314217e0207a, last_modified = 2021-08-23 |
Source: cracked.exe, type: SAMPLE |
Matched rule: MALWARE_Win_Meterpreter author = ditekSHen, description = Detects Meterpreter payload |
Source: 0.0.cracked.exe.416000.1.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Metasploit_38b8ceec os = windows, severity = x86, description = Identifies the API address lookup function used by metasploit. Also used by other tools (like beacon)., creation_date = 2021-03-23, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Metasploit, fingerprint = 44b9022d87c409210b1d0807f5a4337d73f19559941660267d63cd2e4f2ff342, id = 38b8ceec-601c-4117-b7a0-74720e26bf38, last_modified = 2021-08-23 |
Source: 0.0.cracked.exe.416000.1.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Metasploit_7bc0f998 os = windows, severity = x86, description = Identifies the API address lookup function leverage by metasploit shellcode, creation_date = 2021-03-23, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Metasploit, fingerprint = fdb5c665503f07b2fc1ed7e4e688295e1222a500bfb68418661db60c8e75e835, id = 7bc0f998-7014-4883-8a56-d5ee00c15aed, last_modified = 2021-08-23 |
Source: 0.0.cracked.exe.416000.1.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Metasploit_c9773203 os = windows, severity = x86, description = Identifies the 64 bit API hashing function used by Metasploit. This has been re-used by many other malware families., creation_date = 2021-04-07, scan_context = file, memory, reference = https://github.com/rapid7/metasploit-framework/blob/04e8752b9b74cbaad7cb0ea6129c90e3172580a2/external/source/shellcode/windows/x64/src/block/block_api.asm, license = Elastic License v2, threat_name = Windows.Trojan.Metasploit, fingerprint = afde93eeb14b4d0c182f475a22430f101394938868741ffa06445e478b6ece36, id = c9773203-6d1e-4246-a1e0-314217e0207a, last_modified = 2021-08-23 |
Source: 0.0.cracked.exe.416000.1.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_Meterpreter author = ditekSHen, description = Detects Meterpreter payload |
Source: 0.2.cracked.exe.416000.1.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Metasploit_38b8ceec os = windows, severity = x86, description = Identifies the API address lookup function used by metasploit. Also used by other tools (like beacon)., creation_date = 2021-03-23, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Metasploit, fingerprint = 44b9022d87c409210b1d0807f5a4337d73f19559941660267d63cd2e4f2ff342, id = 38b8ceec-601c-4117-b7a0-74720e26bf38, last_modified = 2021-08-23 |
Source: 0.2.cracked.exe.416000.1.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Metasploit_7bc0f998 os = windows, severity = x86, description = Identifies the API address lookup function leverage by metasploit shellcode, creation_date = 2021-03-23, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Metasploit, fingerprint = fdb5c665503f07b2fc1ed7e4e688295e1222a500bfb68418661db60c8e75e835, id = 7bc0f998-7014-4883-8a56-d5ee00c15aed, last_modified = 2021-08-23 |
Source: 0.2.cracked.exe.416000.1.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Metasploit_c9773203 os = windows, severity = x86, description = Identifies the 64 bit API hashing function used by Metasploit. This has been re-used by many other malware families., creation_date = 2021-04-07, scan_context = file, memory, reference = https://github.com/rapid7/metasploit-framework/blob/04e8752b9b74cbaad7cb0ea6129c90e3172580a2/external/source/shellcode/windows/x64/src/block/block_api.asm, license = Elastic License v2, threat_name = Windows.Trojan.Metasploit, fingerprint = afde93eeb14b4d0c182f475a22430f101394938868741ffa06445e478b6ece36, id = c9773203-6d1e-4246-a1e0-314217e0207a, last_modified = 2021-08-23 |
Source: 0.2.cracked.exe.416000.1.raw.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_Meterpreter author = ditekSHen, description = Detects Meterpreter payload |
Source: 0.0.cracked.exe.416000.1.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Metasploit_38b8ceec os = windows, severity = x86, description = Identifies the API address lookup function used by metasploit. Also used by other tools (like beacon)., creation_date = 2021-03-23, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Metasploit, fingerprint = 44b9022d87c409210b1d0807f5a4337d73f19559941660267d63cd2e4f2ff342, id = 38b8ceec-601c-4117-b7a0-74720e26bf38, last_modified = 2021-08-23 |
Source: 0.0.cracked.exe.416000.1.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Metasploit_7bc0f998 os = windows, severity = x86, description = Identifies the API address lookup function leverage by metasploit shellcode, creation_date = 2021-03-23, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Metasploit, fingerprint = fdb5c665503f07b2fc1ed7e4e688295e1222a500bfb68418661db60c8e75e835, id = 7bc0f998-7014-4883-8a56-d5ee00c15aed, last_modified = 2021-08-23 |
Source: 0.0.cracked.exe.416000.1.raw.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Metasploit_c9773203 os = windows, severity = x86, description = Identifies the 64 bit API hashing function used by Metasploit. This has been re-used by many other malware families., creation_date = 2021-04-07, scan_context = file, memory, reference = https://github.com/rapid7/metasploit-framework/blob/04e8752b9b74cbaad7cb0ea6129c90e3172580a2/external/source/shellcode/windows/x64/src/block/block_api.asm, license = Elastic License v2, threat_name = Windows.Trojan.Metasploit, fingerprint = afde93eeb14b4d0c182f475a22430f101394938868741ffa06445e478b6ece36, id = c9773203-6d1e-4246-a1e0-314217e0207a, last_modified = 2021-08-23 |
Source: 0.0.cracked.exe.416000.1.raw.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_Meterpreter author = ditekSHen, description = Detects Meterpreter payload |
Source: 0.2.cracked.exe.416000.1.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Metasploit_38b8ceec os = windows, severity = x86, description = Identifies the API address lookup function used by metasploit. Also used by other tools (like beacon)., creation_date = 2021-03-23, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Metasploit, fingerprint = 44b9022d87c409210b1d0807f5a4337d73f19559941660267d63cd2e4f2ff342, id = 38b8ceec-601c-4117-b7a0-74720e26bf38, last_modified = 2021-08-23 |
Source: 0.2.cracked.exe.416000.1.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Metasploit_7bc0f998 os = windows, severity = x86, description = Identifies the API address lookup function leverage by metasploit shellcode, creation_date = 2021-03-23, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Metasploit, fingerprint = fdb5c665503f07b2fc1ed7e4e688295e1222a500bfb68418661db60c8e75e835, id = 7bc0f998-7014-4883-8a56-d5ee00c15aed, last_modified = 2021-08-23 |
Source: 0.2.cracked.exe.416000.1.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Metasploit_c9773203 os = windows, severity = x86, description = Identifies the 64 bit API hashing function used by Metasploit. This has been re-used by many other malware families., creation_date = 2021-04-07, scan_context = file, memory, reference = https://github.com/rapid7/metasploit-framework/blob/04e8752b9b74cbaad7cb0ea6129c90e3172580a2/external/source/shellcode/windows/x64/src/block/block_api.asm, license = Elastic License v2, threat_name = Windows.Trojan.Metasploit, fingerprint = afde93eeb14b4d0c182f475a22430f101394938868741ffa06445e478b6ece36, id = c9773203-6d1e-4246-a1e0-314217e0207a, last_modified = 2021-08-23 |
Source: 0.2.cracked.exe.416000.1.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_Meterpreter author = ditekSHen, description = Detects Meterpreter payload |
Source: 0.0.cracked.exe.400000.0.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Metasploit_38b8ceec os = windows, severity = x86, description = Identifies the API address lookup function used by metasploit. Also used by other tools (like beacon)., creation_date = 2021-03-23, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Metasploit, fingerprint = 44b9022d87c409210b1d0807f5a4337d73f19559941660267d63cd2e4f2ff342, id = 38b8ceec-601c-4117-b7a0-74720e26bf38, last_modified = 2021-08-23 |
Source: 0.0.cracked.exe.400000.0.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Metasploit_7bc0f998 os = windows, severity = x86, description = Identifies the API address lookup function leverage by metasploit shellcode, creation_date = 2021-03-23, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Metasploit, fingerprint = fdb5c665503f07b2fc1ed7e4e688295e1222a500bfb68418661db60c8e75e835, id = 7bc0f998-7014-4883-8a56-d5ee00c15aed, last_modified = 2021-08-23 |
Source: 0.0.cracked.exe.400000.0.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Metasploit_c9773203 os = windows, severity = x86, description = Identifies the 64 bit API hashing function used by Metasploit. This has been re-used by many other malware families., creation_date = 2021-04-07, scan_context = file, memory, reference = https://github.com/rapid7/metasploit-framework/blob/04e8752b9b74cbaad7cb0ea6129c90e3172580a2/external/source/shellcode/windows/x64/src/block/block_api.asm, license = Elastic License v2, threat_name = Windows.Trojan.Metasploit, fingerprint = afde93eeb14b4d0c182f475a22430f101394938868741ffa06445e478b6ece36, id = c9773203-6d1e-4246-a1e0-314217e0207a, last_modified = 2021-08-23 |
Source: 0.0.cracked.exe.400000.0.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_Meterpreter author = ditekSHen, description = Detects Meterpreter payload |
Source: 0.2.cracked.exe.400000.0.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Metasploit_38b8ceec os = windows, severity = x86, description = Identifies the API address lookup function used by metasploit. Also used by other tools (like beacon)., creation_date = 2021-03-23, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Metasploit, fingerprint = 44b9022d87c409210b1d0807f5a4337d73f19559941660267d63cd2e4f2ff342, id = 38b8ceec-601c-4117-b7a0-74720e26bf38, last_modified = 2021-08-23 |
Source: 0.2.cracked.exe.400000.0.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Metasploit_7bc0f998 os = windows, severity = x86, description = Identifies the API address lookup function leverage by metasploit shellcode, creation_date = 2021-03-23, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Metasploit, fingerprint = fdb5c665503f07b2fc1ed7e4e688295e1222a500bfb68418661db60c8e75e835, id = 7bc0f998-7014-4883-8a56-d5ee00c15aed, last_modified = 2021-08-23 |
Source: 0.2.cracked.exe.400000.0.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Metasploit_c9773203 os = windows, severity = x86, description = Identifies the 64 bit API hashing function used by Metasploit. This has been re-used by many other malware families., creation_date = 2021-04-07, scan_context = file, memory, reference = https://github.com/rapid7/metasploit-framework/blob/04e8752b9b74cbaad7cb0ea6129c90e3172580a2/external/source/shellcode/windows/x64/src/block/block_api.asm, license = Elastic License v2, threat_name = Windows.Trojan.Metasploit, fingerprint = afde93eeb14b4d0c182f475a22430f101394938868741ffa06445e478b6ece36, id = c9773203-6d1e-4246-a1e0-314217e0207a, last_modified = 2021-08-23 |
Source: 0.2.cracked.exe.400000.0.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_Meterpreter author = ditekSHen, description = Detects Meterpreter payload |
Source: 0.2.cracked.exe.7a0000.2.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Metasploit_38b8ceec os = windows, severity = x86, description = Identifies the API address lookup function used by metasploit. Also used by other tools (like beacon)., creation_date = 2021-03-23, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Metasploit, fingerprint = 44b9022d87c409210b1d0807f5a4337d73f19559941660267d63cd2e4f2ff342, id = 38b8ceec-601c-4117-b7a0-74720e26bf38, last_modified = 2021-08-23 |
Source: 0.2.cracked.exe.7a0000.2.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Metasploit_7bc0f998 os = windows, severity = x86, description = Identifies the API address lookup function leverage by metasploit shellcode, creation_date = 2021-03-23, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Metasploit, fingerprint = fdb5c665503f07b2fc1ed7e4e688295e1222a500bfb68418661db60c8e75e835, id = 7bc0f998-7014-4883-8a56-d5ee00c15aed, last_modified = 2021-08-23 |
Source: 0.2.cracked.exe.7a0000.2.unpack, type: UNPACKEDPE |
Matched rule: Windows_Trojan_Metasploit_c9773203 os = windows, severity = x86, description = Identifies the 64 bit API hashing function used by Metasploit. This has been re-used by many other malware families., creation_date = 2021-04-07, scan_context = file, memory, reference = https://github.com/rapid7/metasploit-framework/blob/04e8752b9b74cbaad7cb0ea6129c90e3172580a2/external/source/shellcode/windows/x64/src/block/block_api.asm, license = Elastic License v2, threat_name = Windows.Trojan.Metasploit, fingerprint = afde93eeb14b4d0c182f475a22430f101394938868741ffa06445e478b6ece36, id = c9773203-6d1e-4246-a1e0-314217e0207a, last_modified = 2021-08-23 |
Source: 0.2.cracked.exe.7a0000.2.unpack, type: UNPACKEDPE |
Matched rule: MALWARE_Win_Meterpreter author = ditekSHen, description = Detects Meterpreter payload |
Source: 00000000.00000002.2890880419.00000000007C7000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Metasploit_38b8ceec os = windows, severity = x86, description = Identifies the API address lookup function used by metasploit. Also used by other tools (like beacon)., creation_date = 2021-03-23, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Metasploit, fingerprint = 44b9022d87c409210b1d0807f5a4337d73f19559941660267d63cd2e4f2ff342, id = 38b8ceec-601c-4117-b7a0-74720e26bf38, last_modified = 2021-08-23 |
Source: 00000000.00000002.2890880419.00000000007C7000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Metasploit_7bc0f998 os = windows, severity = x86, description = Identifies the API address lookup function leverage by metasploit shellcode, creation_date = 2021-03-23, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Metasploit, fingerprint = fdb5c665503f07b2fc1ed7e4e688295e1222a500bfb68418661db60c8e75e835, id = 7bc0f998-7014-4883-8a56-d5ee00c15aed, last_modified = 2021-08-23 |
Source: 00000000.00000002.2890880419.00000000007C7000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Metasploit_c9773203 os = windows, severity = x86, description = Identifies the 64 bit API hashing function used by Metasploit. This has been re-used by many other malware families., creation_date = 2021-04-07, scan_context = file, memory, reference = https://github.com/rapid7/metasploit-framework/blob/04e8752b9b74cbaad7cb0ea6129c90e3172580a2/external/source/shellcode/windows/x64/src/block/block_api.asm, license = Elastic License v2, threat_name = Windows.Trojan.Metasploit, fingerprint = afde93eeb14b4d0c182f475a22430f101394938868741ffa06445e478b6ece36, id = c9773203-6d1e-4246-a1e0-314217e0207a, last_modified = 2021-08-23 |
Source: 00000000.00000002.2890648733.0000000000416000.00000080.00000001.01000000.00000003.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Metasploit_38b8ceec os = windows, severity = x86, description = Identifies the API address lookup function used by metasploit. Also used by other tools (like beacon)., creation_date = 2021-03-23, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Metasploit, fingerprint = 44b9022d87c409210b1d0807f5a4337d73f19559941660267d63cd2e4f2ff342, id = 38b8ceec-601c-4117-b7a0-74720e26bf38, last_modified = 2021-08-23 |
Source: 00000000.00000002.2890648733.0000000000416000.00000080.00000001.01000000.00000003.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Metasploit_7bc0f998 os = windows, severity = x86, description = Identifies the API address lookup function leverage by metasploit shellcode, creation_date = 2021-03-23, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Metasploit, fingerprint = fdb5c665503f07b2fc1ed7e4e688295e1222a500bfb68418661db60c8e75e835, id = 7bc0f998-7014-4883-8a56-d5ee00c15aed, last_modified = 2021-08-23 |
Source: 00000000.00000002.2890648733.0000000000416000.00000080.00000001.01000000.00000003.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Metasploit_c9773203 os = windows, severity = x86, description = Identifies the 64 bit API hashing function used by Metasploit. This has been re-used by many other malware families., creation_date = 2021-04-07, scan_context = file, memory, reference = https://github.com/rapid7/metasploit-framework/blob/04e8752b9b74cbaad7cb0ea6129c90e3172580a2/external/source/shellcode/windows/x64/src/block/block_api.asm, license = Elastic License v2, threat_name = Windows.Trojan.Metasploit, fingerprint = afde93eeb14b4d0c182f475a22430f101394938868741ffa06445e478b6ece36, id = c9773203-6d1e-4246-a1e0-314217e0207a, last_modified = 2021-08-23 |
Source: 00000000.00000002.2890648733.0000000000416000.00000080.00000001.01000000.00000003.sdmp, type: MEMORY |
Matched rule: MALWARE_Win_Meterpreter author = ditekSHen, description = Detects Meterpreter payload |
Source: 00000000.00000000.1628130648.0000000000416000.00000080.00000001.01000000.00000003.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Metasploit_38b8ceec os = windows, severity = x86, description = Identifies the API address lookup function used by metasploit. Also used by other tools (like beacon)., creation_date = 2021-03-23, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Metasploit, fingerprint = 44b9022d87c409210b1d0807f5a4337d73f19559941660267d63cd2e4f2ff342, id = 38b8ceec-601c-4117-b7a0-74720e26bf38, last_modified = 2021-08-23 |
Source: 00000000.00000000.1628130648.0000000000416000.00000080.00000001.01000000.00000003.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Metasploit_7bc0f998 os = windows, severity = x86, description = Identifies the API address lookup function leverage by metasploit shellcode, creation_date = 2021-03-23, scan_context = file, memory, license = Elastic License v2, threat_name = Windows.Trojan.Metasploit, fingerprint = fdb5c665503f07b2fc1ed7e4e688295e1222a500bfb68418661db60c8e75e835, id = 7bc0f998-7014-4883-8a56-d5ee00c15aed, last_modified = 2021-08-23 |
Source: 00000000.00000000.1628130648.0000000000416000.00000080.00000001.01000000.00000003.sdmp, type: MEMORY |
Matched rule: Windows_Trojan_Metasploit_c9773203 os = windows, severity = x86, description = Identifies the 64 bit API hashing function used by Metasploit. This has been re-used by many other malware families., creation_date = 2021-04-07, scan_context = file, memory, reference = https://github.com/rapid7/metasploit-framework/blob/04e8752b9b74cbaad7cb0ea6129c90e3172580a2/external/source/shellcode/windows/x64/src/block/block_api.asm, license = Elastic License v2, threat_name = Windows.Trojan.Metasploit, fingerprint = afde93eeb14b4d0c182f475a22430f101394938868741ffa06445e478b6ece36, id = c9773203-6d1e-4246-a1e0-314217e0207a, last_modified = 2021-08-23 |
Source: 00000000.00000000.1628130648.0000000000416000.00000080.00000001.01000000.00000003.sdmp, type: MEMORY |
Matched rule: MALWARE_Win_Meterpreter author = ditekSHen, description = Detects Meterpreter payload |
Source: C:\Users\user\Desktop\cracked.exe |
Code function: 0_2_0040B840 push eax; ret |
0_2_0040B86E |
Source: C:\Users\user\Desktop\cracked.exe |
Code function: 0_2_0042B827 push esi; ret |
0_2_0042B829 |
Source: C:\Users\user\Desktop\cracked.exe |
Code function: 0_2_0043288D push edi; ret |
0_2_0043288F |
Source: C:\Users\user\Desktop\cracked.exe |
Code function: 0_2_0042B910 push edi; ret |
0_2_0042B912 |
Source: C:\Users\user\Desktop\cracked.exe |
Code function: 0_2_0042E1C5 push ecx; ret |
0_2_0042E1D8 |
Source: C:\Users\user\Desktop\cracked.exe |
Code function: 0_2_004252EB push ecx; ret |
0_2_004252FB |
Source: C:\Users\user\Desktop\cracked.exe |
Code function: 0_2_0043243E push edi; ret |
0_2_0043244D |
Source: C:\Users\user\Desktop\cracked.exe |
Code function: 0_2_0042B4C1 push edi; ret |
0_2_0042B4D0 |
Source: C:\Users\user\Desktop\cracked.exe |
Code function: 0_2_004324B0 push edi; ret |
0_2_004324B2 |
Source: C:\Users\user\Desktop\cracked.exe |
Code function: 0_2_0042B533 push edi; ret |
0_2_0042B535 |
Source: C:\Users\user\Desktop\cracked.exe |
Code function: 0_2_004325BB push esi; ret |
0_2_004325CB |
Source: C:\Users\user\Desktop\cracked.exe |
Code function: 0_2_0042B64C push esi; ret |
0_2_0042B64E |
Source: C:\Users\user\Desktop\cracked.exe |
Code function: 0_2_004327A4 push esi; ret |
0_2_004327A6 |