General

  • Target

    747f4807a0972406efae36cb6ff132a1

  • Size

    37KB

  • MD5

    747f4807a0972406efae36cb6ff132a1

  • SHA1

    e6754a0f3da30a53a3636043c2e8a5a9ddf6a83d

  • SHA256

    ee63b68e87f57135ec1423346b6ce91bafc13613818fad0cba2db84ceea18476

  • SHA512

    b6334fa4fce8cf0779c7c40a88d3f6fa32508394d7eef7f416e2e3c773d39e4702d1a443114099094e2304aeef93488135507823f99a32ed7e55184d0f5041c9

  • SSDEEP

    384:5QuBFZ1ojeKMCXcB+qWIjY2SVUVhV9gisYpdkOxAyD2pDQjg:5n3ojeKpcBZhEYpCOxAyDIR

Score
10/10

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

192.168.110.152:4444

Signatures

  • Metasploit family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 747f4807a0972406efae36cb6ff132a1
    .exe windows:6 windows x86 arch:x86

    54b0d8c0ad5d7e8cf8647c9f97bac60b

