General

  • Target

    13c6f0c37d9f5d9d157cefb7ab7a16dc

  • Size

    373KB

  • MD5

    13c6f0c37d9f5d9d157cefb7ab7a16dc

  • SHA1

    c24aa0cfb1f93e2ebc5e126c28b510bce08d4cfe

  • SHA256

    131c58b2cb9f9c26c39ae7170e59e0dff398416a2d39762f79aa0220064aa82f

  • SHA512

    0ab1d40cb185132cd447669500e01d2e5b3e47dfbb8da954c44f0706a887ed80fbdef08edaa8f6e05a64beb0adcd6847a0fe408f6877345cc71b0350747146b5

  • SSDEEP

    6144:M+EWjl+s5t38dX6pGE49U7kpWTcnFOHuln+Otc+EkzI8jSejCE8aKP3sGvL6hcy1:SsDTgF8JAdmdiR/iOux9KR8y

Score
10/10

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

192.168.1.142:443

Signatures

  • Metasploit family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 13c6f0c37d9f5d9d157cefb7ab7a16dc
    .exe windows:4 windows x86 arch:x86

    a587f608a6d52d2d1d020f6c918287f1

