General

  • Target

    4cf20d809245c7a50eb090833b5f85b7bf8014eeafbc2d9d46fc6810a4481966

  • Size

    128KB

  • MD5

    1208cd1709e14fa5009d2cb21b4863ea

  • SHA1

    140519827dd590a8f390a8565b1c0796d4570695

  • SHA256

    4cf20d809245c7a50eb090833b5f85b7bf8014eeafbc2d9d46fc6810a4481966

  • SHA512

    cfa301720fa04f842cd28e6b9bf827b0c25a1b522f469fdbeaba964e19d6a702eaba8ca981932a87ad053a04688515a10d325dd343ff1186d1031b5bb1b1e6bb

  • SSDEEP

    1536:4raV+vf1xQs4r1sdysmaVXRksH0eWGbN19ftl+UvMFMQiNJRlQl6qQD+gL7:cljQPK/k8bN19ftlmARGl6q6V7

Score
10/10

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://114.117.206.183:80/vue.min.js

Attributes
  • headers User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/5.0)

Signatures

  • Metasploit family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 4cf20d809245c7a50eb090833b5f85b7bf8014eeafbc2d9d46fc6810a4481966
    .exe windows:4 windows x64

    ca85b6618b1e1cad2f59872f180b38c6

