General
-
Target
d8ba794357c685bfcb868a5f3478dca99b2da14c8953222860ffbf9fc5e4d297N.exe
-
Size
17KB
-
Sample
241230-qmtsfswkep
-
MD5
62393e09532b6743d0163e62bffbb920
-
SHA1
de7b9f2f69f33bb5da3168c979fc0875ddb5bc8d
-
SHA256
d8ba794357c685bfcb868a5f3478dca99b2da14c8953222860ffbf9fc5e4d297
-
SHA512
a446b958a4107cbf07314ca6e546e25ad7c1cc973c9b28882d58a0c238a00215c3dbcb51c6a489fc8c2f3c388770ded72b5cc18bf3405014e8984fc099c9f82f
-
SSDEEP
384:ZEEoLO56ayzcMj+M+XLpZ5NzylYg3w+awmc48EJaB:GE8O56lcVM+XSYg3w+ucKaB
Malware Config
Extracted
metasploit
encoder/shikata_ga_nai
Extracted
metasploit
windows/reverse_tcp
192.168.1.74:443
Targets
-
-
Target
d8ba794357c685bfcb868a5f3478dca99b2da14c8953222860ffbf9fc5e4d297N.exe
-
Size
17KB
-
MD5
62393e09532b6743d0163e62bffbb920
-
SHA1
de7b9f2f69f33bb5da3168c979fc0875ddb5bc8d
-
SHA256
d8ba794357c685bfcb868a5f3478dca99b2da14c8953222860ffbf9fc5e4d297
-
SHA512
a446b958a4107cbf07314ca6e546e25ad7c1cc973c9b28882d58a0c238a00215c3dbcb51c6a489fc8c2f3c388770ded72b5cc18bf3405014e8984fc099c9f82f
-
SSDEEP
384:ZEEoLO56ayzcMj+M+XLpZ5NzylYg3w+awmc48EJaB:GE8O56lcVM+XSYg3w+ucKaB
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Metasploit family
-
Command and Scripting Interpreter: PowerShell
Run Powershell and hide display window.
-