General

  • Target

    e673ea6cd9bf1053397e26a014e0da7d9056c23f77bd36aceb2818b0b2ddb366

  • Size

    122KB

  • MD5

    3fd56e330582e996c4268eff03aace4c

  • SHA1

    7dd911f48d7c550d4c166e7c103d70fea618c784

  • SHA256

    e673ea6cd9bf1053397e26a014e0da7d9056c23f77bd36aceb2818b0b2ddb366

  • SHA512

    71e809defce81ab31252846f20371912f6ccbf67c5c71b242a7448221e976d19bbfc551809d2c6a6baca8fbb6bc8d104f3f57111fafeeb94ad41fedc472b49d2

  • SSDEEP

    3072:DwaK9NUTBVedxNHRW6m7WWAnHY3XQ6uAnHqUQ6:DIPUTBV2RW6m7WWAnHqXQ6uAnHqUQ6

Score
10/10

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

192.168.111.137:5566

Signatures

  • Metasploit family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • e673ea6cd9bf1053397e26a014e0da7d9056c23f77bd36aceb2818b0b2ddb366
    .exe windows:4 windows x64 arch:x64

    6898de8d548c51fb72848bfb1789b496


    Headers

    Imports

    Sections