General

  • Target

    5fd54dc24ba5b6970ccc9e11980baddf

  • Size

    72KB

  • MD5

    5fd54dc24ba5b6970ccc9e11980baddf

  • SHA1

    0827152eb4ad4d7292b52e93f9917c3b42fee40e

  • SHA256

    9f979427bdd52ecbf0353410baa9df5d4df4946ed25d3ed1608bd5b02c418ec3

  • SHA512

    454cf17245fe0e28ccdfcafbf0b88857470fff236c079560159cce12ef40859c91c3fee155d6481ed9114bd3e2702f54649e5e9c11fd6bf45c373cd219c7bbd3

  • SSDEEP

    1536:Iwf/ocKItHL2UDePVVOetLXQMb+KR0Nc8QsJq39:ZYc3R/y2e2e0Nc8QsC9

Score
10/10

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

192.168.0.22:6969

Signatures

  • Metasploit family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 5fd54dc24ba5b6970ccc9e11980baddf
    .exe windows:4 windows x86 arch:x86

    481f47bbb2c9c21e108d65f52b04c448

