metasploit | NEAS[.]743d6b0ce0acf37f7c757770b00d4060[.]exe

General

Target

NEAS.743d6b0ce0acf37f7c757770b00d4060.exe
Size

6KB
MD5

743d6b0ce0acf37f7c757770b00d4060
SHA1

dda5d93a31ccc3946661eb8962a23c6b0c1a18bc
SHA256

b81f821ca11da0bf34dba63abf7b9d63470100e54e9a38e4404c986a6085ed5c
SHA512

17aa6253ba90d4f7f4744bd9d404c129e65e7d5d99ecc655872404f77e2feafbca3d769db5e14d91ebe57f42e1b1466e1bafd6583373d43c1e021064edf6f357
SSDEEP

96:00xqX6v4NvA9K2i4RaUK4PZT7kqe7lzfp11qSE:0gqq+r4Zfe75Bf

Score

10^/10

metasploit

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_http

C2

http://146.56.227.199:443/QAQ__QAQ/2FQHkMpjbNwcxh3Hed1fqgZES28WtAhrf8OkRxkZH0ZsTH7QZ32jIWa6DnTktRWEqI7Pa5WMOLoR9GfZsAhUWwpy3mpqbPBPkayvbznEu1D5Za7pBT5MhsG9a4gCksCOETY2XdDIXAnvCs2js5u-sYKxh5LPIO

Signatures

Metasploit family
metasploit

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
NEAS.743d6b0ce0acf37f7c757770b00d4060.exe

Files

NEAS.743d6b0ce0acf37f7c757770b00d4060.exe
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 712B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 4KB - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 712B

.reloc Size: 512B - Virtual size: 12B

.text
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 712B

.reloc
Size: 512B - Virtual size: 12B