General

  • Target

    windows-meterpreter-staged-reverse-tcp-443.exe

  • Size

    72KB

  • MD5

    d21e6918585a08bfe6b0924cd8be891d

  • SHA1

    7599de87bb0ae7f166ffbb99b6b6721d038b82c5

  • SHA256

    0b16bd114f42f02ce22ed157b3b67c219266475c4968f7f445e75271badd2a8f

  • SHA512

    b5db21bf50a3872b6d9fbe86ea05d15d231b2a5d964e83021572c8791b52665a8fd818d7d58a40b35eb497de7044b0014826b5edeba58de9ec36783a4bdac047

  • SSDEEP

    1536:IDTfPvYhNzyb1LMnsqVCotxaS76L6qAUMb+KR0Nc8QsJq39:6LHYhN+b1BqMouDL6qAUe0Nc8QsC9

Score
10/10

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

10.0.0.14:443

Signatures

  • Metasploit family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • windows-meterpreter-staged-reverse-tcp-443.exe
    .exe windows:4 windows x86

    481f47bbb2c9c21e108d65f52b04c448

