General

  • Target

    1908-67-0x0000000140000000-0x0000000140005000-memory.dmp

  • Size

    20KB

  • MD5

    689eb754b326b319491073635d807450

  • SHA1

    116e2b4feb27238ab0b4a6d7b4e849b7f05163d4

  • SHA256

    f4f6c18249b65e40b75889fe318a65eb9bac8083cc86633c638c16ae28c38624

  • SHA512

    cbc3880827d4a8fe3e1e80c5bd936a1ba782f3ea4f6cf3cf149f87c9bb29ba9ee5f8d0f912c92af9e7799be4700e9c56f16ee73791433abc6c3eafae1168c116

  • SSDEEP

    24:eFGStrJ9u0/624nZdOBQAV3Ox+AwKZqIeNDMSCvOppmB:is0HMOBQ7x+AwGSD9C2OB

Score
10/10

Malware Config

Extracted

Family

metasploit

Version

metasploit_stager

C2

45.148.121.63:44944

Signatures

  • Metasploit family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1908-67-0x0000000140000000-0x0000000140005000-memory.dmp
    .exe windows x64

