General

  • Target

    2e913bf6e1da908e1c9a5e43de1c480722e0b47cc9ae2b33917bb455349a3940

  • Size

    302KB

  • MD5

    0c44f94d0c51b31f1a7ba4ded4c061c8

  • SHA1

    27979aa8a625228feab6fccbeff4751acc1b1075

  • SHA256

    2e913bf6e1da908e1c9a5e43de1c480722e0b47cc9ae2b33917bb455349a3940

  • SHA512

    7874bb4e45d3ed711d9d8bc5ed879f21ee116fbc406376c0b9e11b17f8acdee1b38992eae480389cdaa7dd698d10542400f8514ef34a736822b6e806df00d9ab

  • SSDEEP

    6144:C0CEY5qWKe5vO0zS+NvCWAU8O+UppNt3+ueWCM+nzOv2/dNQw:CVHv5G0zBdCWAUDfNt3+u0VicPQw

Score
10/10

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

156.155.222.30:4445

Signatures

  • Metasploit family
  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

Files

  • 2e913bf6e1da908e1c9a5e43de1c480722e0b47cc9ae2b33917bb455349a3940
    .exe windows x86

    ec621ebfa8c5c43420efdcf2e3c27952

