General

  • Target

    2da22528f6c7dc6a3e3d6c5ba7261c3426f9f9354f55fb5a1ec13ef2a66688aa

  • Size

    16KB

  • MD5

    27931ea989e16f06e6a3ba3f10bfe583

  • SHA1

    8045893f2adc7db0d9f6c2d3b52327910e7fc2f6

  • SHA256

    2da22528f6c7dc6a3e3d6c5ba7261c3426f9f9354f55fb5a1ec13ef2a66688aa

  • SHA512

    1347786a4f274bc7f45ff9bc667637f932737e318697d0be0a90be128756dc51fd90862ac64f8bba8aa9d2c06d70c39f09396ac9daf5cf97d05979103203b8e3

  • SSDEEP

    96:/lxchpFZcZhzAMD7vovDusqimJgwAmf27jF4s4kmdgw6AKSB8:/Tc3FZcHzLPfO4Z8

Score
10/10

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

10.71.36.126:9876

Signatures

  • Metasploit family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2da22528f6c7dc6a3e3d6c5ba7261c3426f9f9354f55fb5a1ec13ef2a66688aa
    .exe windows:4 windows x86

    ba89befb50893489ddc1b302bf2b7d2c

