General

  • Target: 4795a408ef8041b1405d1b3cbd81b9a6288ebe17d6bbd3ae6559bf318a433771N
  • Size: 72KB
  • MD5: 8e9fb31ace72c3cd4c882b4b7d860700
  • SHA1: 3403f61cb47c2d572f655455a6c70ec9a0de0796
  • SHA256: 4795a408ef8041b1405d1b3cbd81b9a6288ebe17d6bbd3ae6559bf318a433771
  • SHA512: 71b819e4713799cffec4175fa277dd41cc5ce46c6f9841992ac9fd16585a058eda90e9ae0a7d9e6086f2d271f02f4b091b87861cdbe229be815a1eb435718473
  • SSDEEP: 1536:IQY2FzUfTLgKWoxgD2u/j9zxDMb+KR0Nc8QsJq39:VY2hUMyub9lDe0Nc8QsC9

Score
10/10

Malware Config

Extracted

  • Family: metasploit
  • Version: encoder/shikata_ga_nai

Extracted

  • Family: metasploit
  • Version: windows/reverse_tcp
  • C2: 10.0.2.15:4444

Signatures

  • Metasploit family
  • Unsigned PE (1 IoC)

    Checks for a missing Authenticode signature.

Files

  • 4795a408ef8041b1405d1b3cbd81b9a6288ebe17d6bbd3ae6559bf318a433771N.exe
    windows:4 windows x86 arch:x86

    481f47bbb2c9c21e108d65f52b04c448