General

  • Target

    68f5f8d0be1736546a6b81da82e0dad0

  • Size

    67KB

  • MD5

    68f5f8d0be1736546a6b81da82e0dad0

  • SHA1

    2125e995ff3e2c8d0a1405dd2a2ec1de08bb496c

  • SHA256

    dbc57c5fc937cc1155460aef21e31d954c9f3c954d796b67ed18cad3a7aec97d

  • SHA512

    e5a87b7dacbf1430c20188f6017b3a5667d3bf031485a3270867ff484856b92feef71a08b1a10f0187840cf56ca62d7c4be65526185cb3032bb016c9dd8dcc9c

  • SSDEEP

    1536:xsR4STq4Shw8UNwlUKRefYMJUEbooPRrKKRl1P3:xss4SuwllRefVJltZrpRl1P3

Score
10/10

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

10.2.200.213:1973

Signatures

  • Metasploit family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 68f5f8d0be1736546a6b81da82e0dad0
    .exe windows:5 windows x86 arch:x86

    419c3fe8c1eefea9336b96f74f0951dd

