General

  • Target

    MSI79B5.tmp

  • Size

    124KB

  • MD5

    3433d625ec7d7d525f8472ddbc595a9c

  • SHA1

    f6cebfa3dcca03cbb7ad1f8595d77f9bee4db06f

  • SHA256

    fce8e488f36a1afd10d3613437aaef1a2ccfcd131ce7b22ab6fad51aecf622e8

  • SHA512

    c4117a12d36b03a3ed18b4a27b6c5db65bbf306e1f5b119b5d39fa0ed71f964aea0d22fcf7e472d76b36450e917852d1d1414b52c90f2bdf89da7884db0676b9

  • SSDEEP

    24:eFGStrJ9u0/6xPnZdkBQAVBYhNYKLq4zeNDMSCvOXpmB:is0ArkBQZhNYYzSD9C2kB

Score
10/10

Malware Config

Extracted

Family

metasploit

Version

metasploit_stager

C2

192.168.120.4:9999

Signatures

  • Metasploit family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • MSI79B5.tmp
    .exe windows:4 windows x64 arch:x64

    b4c6fff030479aa3b12625be67bf4914

