General

  • Target

    6d4fc5a4334070dd65778cb4d4984539

  • Size

    101KB

  • MD5

    6d4fc5a4334070dd65778cb4d4984539

  • SHA1

    d2194e81a61de3315fb09c3680e41ca39b495f93

  • SHA256

    3698200f475bf723b5c5c06c2aa65d269208bb3025c2746b9d1a3c7f4eb6b1eb

  • SHA512

    54ebf102baf80a5524927d6ec833a03593099152c8f7332dbf06220c38fedf1e0cded62b12b48aba6e0c2e61bec8b291353e434ab4f96f25c3a4a302c0b3194f

  • SSDEEP

    3072:9fhggHcWPfZEYHB/zm6s0qsWmlzeCDNJo2/hn5d1AB:XLrZESJqs5eIAB

Score
10/10

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

45.76.149.208:7854

Signatures

  • Metasploit family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 6d4fc5a4334070dd65778cb4d4984539
    .exe windows:6 windows x86 arch:x86

    d27c5a876d2f2347cbf1425cab1fa3e6

