General
-
Target
92b394fc2bb60837a2aab5ff5a01693b285d12bbe5fabdcbd9634262dfd67787.exe
-
Size
17KB
-
Sample
241122-yhfzsstkcr
-
MD5
01f7ce6d9dfd5705227235823d4f8fac
-
SHA1
2a6a8f97ccb27b743f033f52cbe44d940dec7cd6
-
SHA256
92b394fc2bb60837a2aab5ff5a01693b285d12bbe5fabdcbd9634262dfd67787
-
SHA512
27811ac4a97006fc63f8e34adc2e7159df9a9fe93ca4a3afcfd78e2e587d2d41c00167b05ad98c002d0493301c95f0eb9f47a6aaf931c008e6d981f647e44c96
-
SSDEEP
384:t7n9EEoLO56ayzcMj+g/uaIjdOPCcmL6nvDciFs5INe4pAHLw4gj:paE8O56lcVlOPCcfvDciFs5INerLwj
Malware Config
Extracted
metasploit
encoder/shikata_ga_nai
Extracted
metasploit
windows/reverse_tcp
192.168.42.130:4444
Targets
-
-
Target
92b394fc2bb60837a2aab5ff5a01693b285d12bbe5fabdcbd9634262dfd67787.exe
-
Size
17KB
-
MD5
01f7ce6d9dfd5705227235823d4f8fac
-
SHA1
2a6a8f97ccb27b743f033f52cbe44d940dec7cd6
-
SHA256
92b394fc2bb60837a2aab5ff5a01693b285d12bbe5fabdcbd9634262dfd67787
-
SHA512
27811ac4a97006fc63f8e34adc2e7159df9a9fe93ca4a3afcfd78e2e587d2d41c00167b05ad98c002d0493301c95f0eb9f47a6aaf931c008e6d981f647e44c96
-
SSDEEP
384:t7n9EEoLO56ayzcMj+g/uaIjdOPCcmL6nvDciFs5INe4pAHLw4gj:paE8O56lcVlOPCcfvDciFs5INerLwj
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Metasploit family
-
Command and Scripting Interpreter: PowerShell
Run Powershell and hide display window.
-