General
Target: cfb5f740f662cd134e5a114a9f041a0c320fba850b48874ff1d2c23ca6be3fb5
Size: 17KB
Sample: 240515-vt3q6abe29
MD5: b89b02e73b9191bbae636a043a1bc765
SHA1: d82d93d0d526b5dd36515c493a4c606ccaf3c787
SHA256: cfb5f740f662cd134e5a114a9f041a0c320fba850b48874ff1d2c23ca6be3fb5
SHA512: 2dc14042e1533cd1f301665f8924c63df8cae5ce6b7d36afbe14ea755f913c84664a6f75b1ef82bb294f0b701e167b78cdb8129b6f3038cf5e87cb9bf44eb023
SSDEEP: 384:YKwAXXwpskBwiRtj8cgYI90TumDI2cl1caXU0cYulkXwJtb9jv:BXXXKHBxRtj8c6Ccl1caXFcoXwJtb9jv
Static task: static1
Behavioral task: behavioral1
Sample: cfb5f740f662cd134e5a114a9f041a0c320fba850b48874ff1d2c23ca6be3fb5.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: cfb5f740f662cd134e5a114a9f041a0c320fba850b48874ff1d2c23ca6be3fb5.exe
Resource: win10v2004-20240426-en
Malware Config
Extracted
metasploit
encoder/shikata_ga_nai
Extracted
metasploit
windows/reverse_tcp
192.168.12.128:5544
Targets
Target: cfb5f740f662cd134e5a114a9f041a0c320fba850b48874ff1d2c23ca6be3fb5
Score: 10/10
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.