General

  • Target

    7d96f32a2f565964f727dd564e95c87c3920c4f1c754404824d954eafc7eedc3

  • Size

    54KB

  • MD5

    240a9156637ac5dc71bc3f2067a37266

  • SHA1

    ffd7de44e22623ee4660f2be31b869afa468d661

  • SHA256

    7d96f32a2f565964f727dd564e95c87c3920c4f1c754404824d954eafc7eedc3

  • SHA512

    a46364018d32c93d98e898ae50bd0b645a8daddeb3a245576f0a25e1e70cd556770df1bf38c137bb92bd96218c529f2b40001920bb23b9884bc05b9bfd000cdc

  • SSDEEP

    768:bqcyGIkugTsG2kbH1Egx3MYh9tg7WhMSHF8K41OUIhgCIYCH0I+kW947f:PjI1g/2kbH153de7hSprUYgCvCBj

Score
10/10

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

192.168.1.111:1419

Signatures

  • Metasploit family
  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE (2 IoCs)

    Checks for missing Authenticode signature.

Files

  • 7d96f32a2f565964f727dd564e95c87c3920c4f1c754404824d954eafc7eedc3
    .exe windows:4 windows x86 arch:x86



  • out.upx
    .exe windows:4 windows x86 arch:x86

