General

  • Target

    81200x00000000000200000x0000000000021000memorydmp.dmp

  • Size

    4KB

  • MD5

    34a4b8ffb9998d8825a070d0426e1d23

  • SHA1

    dca4a79e51014eb4a741d1fadad42b1da6d5690b

  • SHA256

    82fa693040ef799e21a98b769538677015c296c12c6cc7de586aba3a37241ecf

  • SHA512

    e77581aba21dbd20051e90d222f90eab6b6d2f7ade5ac23a79a45f2b9c3c048d3b7ebebdbe6edaa559a6d9ad110b91934b53217b8edc53fa6dbac0ea4663c507

Score
10/10

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://213.109.202.206:80/1/Events/com.amazon.csm.csa.prod

Attributes
  • headers

    Accept: */*
    Accept-Language: en-US,en;q=0.5
    Connection: close
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Signatures

Files

  • 81200x00000000000200000x0000000000021000memorydmp.dmp