General
-
Target
0a6abac827cf1a84edc6938ea8e38c4f
-
Size
304KB
-
MD5
0a6abac827cf1a84edc6938ea8e38c4f
-
SHA1
d86beeb25b6a2bba0ca9e8d343d8a5d1ffc1fe02
-
SHA256
425c86b10441d99774a7576c5658b02face681f0befd423fa3a8a3df32b29a33
-
SHA512
3e8e38d38aa08d9c5864a532d2d57a4cc7be875e731bddd34a7a6a8815e8ed81e49972a41ef22267ed294afe45ffd6ef803d8c4256059ea2f0cc866bb120d9ff
-
SSDEEP
6144:Fhdnr1a1vUxAlzfA5yyTtVjZnP5CIRVJi5mVFXLTXEMl7GYYaUoSLY:vdnr1LQGPTBPsIRVJi5mV9TibaUoSs
Score
10/10
Malware Config
Extracted
Family
metasploit
Version
encoder/shikata_ga_nai
Extracted
Family
metasploit
Version
windows/shell_reverse_tcp
C2
192.168.1.3:443
Signatures
-
Metasploit family
-
UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
0a6abac827cf1a84edc6938ea8e38c4f
Headers
Sections