General

  • Target

    nsa.exe

  • Size

    72KB

  • MD5

    6d73b1e2c2c8d9b2242ab359ff9f41c8

  • SHA1

    c7fd303ebabad73fda93763514a837004d4db35e

  • SHA256

    ca3791726b36a4aa9d0713558529c4ee9b7649146da3926b0bfc137d5553ba80

  • SHA512

    a2cc49030703d2e97dfb70617633ce0bf27ec2b34b5fb31e0decd0efc4e6b08c4a1bb0273b5e1b1acbd308a036debd16f729b63368725d4f22a5817fce8869f4

  • SSDEEP

    1536:IVk38HAudhzF0pgK5ImFSgDzwDMb+KR0Nc8QsJq39:s4iFde7xDzwDe0Nc8QsC9

Score
10/10

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

144.24.134.156:4000

Signatures

  • Metasploit family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • nsa.exe
    .exe windows:4 windows x86 arch:x86

    481f47bbb2c9c21e108d65f52b04c448

