General
-
Target
crmcomedalx64.exe
-
Size
7KB
-
MD5
eb29c1d3688b840b10a14fdb062df69c
-
SHA1
3f1357a43665775e20014321ee5e858f9ecb4032
-
SHA256
0c1a56a5db0a0c1e9b465ff5f1cf7f91e66f402486e7bb36ce4f9c99ff584ea5
-
SHA512
0a38afe50a79628b44ac0b7e52ba81c856189489fbdaefb9bcbc4bfc78108a42367869750489c213cc7996e0c4cfc6d7b35aa321fa152fe2b39ad0399fba4604
-
SSDEEP
24:eFGStrJ9u0/6FVFnZd0BQAVkIunxUrXv0CrS5tVOLxSKd9evDIivvvstpmB:is0yF0BQ26Wr/0CrGQL8K/evpvsKB
Score
10/10
Malware Config
Extracted
Family
metasploit
Version
encoder/shikata_ga_nai
Extracted
Family
metasploit
Version
metasploit_stager
C2
3.84.34.113:443
Signatures
-
Metasploit family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
crmcomedalx64.exe
b4c6fff030479aa3b12625be67bf4914
Headers
Imports
Sections