General

  • Target

    wget-csb-ys.exe

  • Size

    301KB

  • MD5

    991dd93578e6b11df3ec6b13899bfba2

  • SHA1

    180bb1a344f3a4bdd3bc932cd2a2e456087bb476

  • SHA256

    7340367ba63ce3cfaec6b4fa85ade754cffaa6e7b30054217969e6ea72c8ea47

  • SHA512

    7aa0424a3cd4d56d3aca333ae322023b41e126048f7fb39c02a3ebdd87cbccc875395e7a3d10ffb7f464f6a9e1e774c81f6b5b82dbc920fe0210eb6db4cd65f3

  • SSDEEP

    6144:b0CEY5qWKe5vO0zS+NvCWAU8O+UppNt3+ueWCM+nzOv2/dNQw:bVHv5G0zBdCWAUDfNt3+u0VicPQw

Score
10/10

Malware Config

  • Extracted

    Family: metasploit
    Version: encoder/shikata_ga_nai

  • Extracted

    Family: metasploit
    Version: windows/reverse_tcp
    C2: 45.120.107.132:1111

Signatures

  • Metasploit family
  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • wget-csb-ys.exe
    .exe windows:4 windows x86 arch:x86