General
-
Target
ca8491889201ee130cf5ae702204a2bd663fe5a42f62728361c96c0a464a56c4N
-
Size
17KB
-
Sample
240918-1gwpzavakf
-
MD5
1ad437b06f6b1901d85f454faea19560
-
SHA1
37feefcbb97ce675a732f995fba0be4c3f9d92bf
-
SHA256
ca8491889201ee130cf5ae702204a2bd663fe5a42f62728361c96c0a464a56c4
-
SHA512
c123189fb4ab7e0c389f7c91f8762a713aeaaf49432a075886a6e58d36b0dcb47bf5314d4ae3dd462079652f973be8fe5554a2b2b80576d4dc56ce97a75e592a
-
SSDEEP
384:UjcjwcOkjc5lPvL/c1fcKj8cRJPxD9oXiIdhIn/PCcmL6npalkXWJPoH:Ujcjwc1jc5B/c1fcKj8chGMPCcfpBXW4
Malware Config
Extracted
metasploit
encoder/shikata_ga_nai
Extracted
metasploit
windows/reverse_tcp
10.0.2.15:2222
Targets
-
-
Target
ca8491889201ee130cf5ae702204a2bd663fe5a42f62728361c96c0a464a56c4N
-
Size
17KB
-
MD5
1ad437b06f6b1901d85f454faea19560
-
SHA1
37feefcbb97ce675a732f995fba0be4c3f9d92bf
-
SHA256
ca8491889201ee130cf5ae702204a2bd663fe5a42f62728361c96c0a464a56c4
-
SHA512
c123189fb4ab7e0c389f7c91f8762a713aeaaf49432a075886a6e58d36b0dcb47bf5314d4ae3dd462079652f973be8fe5554a2b2b80576d4dc56ce97a75e592a
-
SSDEEP
384:UjcjwcOkjc5lPvL/c1fcKj8cRJPxD9oXiIdhIn/PCcmL6npalkXWJPoH:Ujcjwc1jc5B/c1fcKj8chGMPCcfpBXW4
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Command and Scripting Interpreter: PowerShell
Run Powershell and hide display window.
-