General

  • Target

    hysfors.exe

  • Size

    7KB

  • MD5

    7d6b7776f22725f3243703591047788d

  • SHA1

    28832497e392e267ddd8380af02b6c9e651364eb

  • SHA256

    b53b37a5d6609f40c61ed710042efc401b6e374eb8e43d0d6168cdbd3f6295da

  • SHA512

    146ad8f087ee6441c8a4e4f6672f0efbc732eb585b2f4dee2126fd8276517584e88615a2c442652bf06e321b5c64e1f6a2c865e63dca8409470aecf312580c81

  • SSDEEP

    24:eFGStrJ9u0/6FanZdkBQAV2oOxfYKZqxeNDMSCvOXpmB:is0MSkBQhxwvSD9C2kB

Score
10/10

Malware Config

Extracted

Family

metasploit

Version

metasploit_stager

C2

193.161.193.99:44039

Signatures

  • Metasploit family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • hysfors.exe
    .exe windows:4 windows x64 arch:x64

    b4c6fff030479aa3b12625be67bf4914

