General

  • Target

    conexao19.exe

  • Size

    72KB

  • MD5

    9bb7d0bd3b181fe30af4dfbb20f933ea

  • SHA1

    795ea1cc14478c4ed6bdb264bdcf2401060188c8

  • SHA256

    9e5da343a2d73c581d07f40a4f62b4e732eec76d006a4e1567499e208f6afd79

  • SHA512

    18132a97e4d1cc0fe3c2c68c8175da0ebb1a870f1843ef8f9a667aac70a3917c2bbb767476d5f4ba1040e44c82455355f337c64810db2c1e1b779eb3e27c747c

  • SSDEEP

    768:IbLDDIbBTPQqeifHo0Efwr+WqKjBR8/VLN7GLLCv7Ek6yibeiPCHSckzCScx4qXx:IbL8TowH3X8/F3DsZMb+KR0Nc8QsJq39

Score
10/10

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

138.197.132.111:2443

Signatures

  • Metasploit family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • conexao19.exe
    .exe windows x86

    481f47bbb2c9c21e108d65f52b04c448

