General

  • Target

    NEAS.d86d90e9715a62fb767cca90a9bf4e60_JC.exe

  • Size

    72KB

  • MD5

    d86d90e9715a62fb767cca90a9bf4e60

  • SHA1

    ad8c0fc807875e400e2cc4a2b2f81375d5d12b42

  • SHA256

    41513d88ea6dce9b58738c9e49efbdb85a177a7760956d202d5794ba7521f4ec

  • SHA512

    f93da4dccb4f49521a8cac6ab05e037ad913daab4570d0ec5c35e7abed49d2a8d093293b0227a123e3ca35df083054602d0827945e1a77bb46cbe5a035e9ac09

  • SSDEEP

    1536:IB5s+OgDQvkBt5+WkAlwUE23pzjX0M5l5kBZqMb+KR0Nc8QsJq39:gS+OgJByWYA3BX53e0Nc8QsC9

Score
10/10

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

192.168.42.22:4444

Signatures

  • Metasploit family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • NEAS.d86d90e9715a62fb767cca90a9bf4e60_JC.exe
    .exe windows:4 windows x86

    481f47bbb2c9c21e108d65f52b04c448

