General

  • Target: Powerfull.exe
  • Size: 4.1MB
  • MD5: c35e74730d91ac804079c955f127e1c1
  • SHA1: c73ce2b3af36077c2b704a3a53e46d0e19a66c93
  • SHA256: b558c4e6cde7959b7b6bcf71debc00651259370edf93d014a53a4f1b90805e5a
  • SHA512: 480dbdaa6ecb1cdd6293e278135e83fe95048fe3352ced700112b8f580fa2b7b37ece7b5bbd004ee34abe470feae6afd98dc51b888d79a47fcf74c4a8866629c
  • SSDEEP: 98304:97atV7GE2LypXvuLg23wW1VtIAdVBey4XCn:YeBm5w3wW1jADXm

Score
10/10

Malware Config

Extracted

  • Family: metasploit
  • Version: encoder/shikata_ga_nai

Extracted

  • Family: metasploit
  • Version: windows/reverse_tcp
  • C2: 173.212.219.45:5656

Signatures

  • Metasploit family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • Powerfull.exe
    .exe windows x64

    e0e0c99ae34c4b8b156971d78cc79573
