General

  • Target

    9b7d788962875959cf8702bfb474a5b6.bin

  • Size

    72KB

  • MD5

    9b7d788962875959cf8702bfb474a5b6

  • SHA1

    f0eff1897b3c4c8813cd810eb70334fdff463247

  • SHA256

    1d2b5e7791d1bd1f9fb3aa9c81b403614b2a2537709c0e1dee91288da5b2ea2e

  • SHA512

    f096e5f366fc286a44742560afa36d175a43e742215166fbafda4e2fe80be5112c835a8401fd501fcfd5980d9c93667ba9515514777f185a79069fa779f14475

  • SSDEEP

    1536:IHOlSco4MZtOVHns84f5yDEMhrEh2Mb+KR0Nc8QsJq39:BoPtOVM8MY3c2e0Nc8QsC9

Score
10/10

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

172.16.139.10:4445

Signatures

  • Metasploit family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 9b7d788962875959cf8702bfb474a5b6.bin
    .exe windows:4 windows x86 arch:x86

    481f47bbb2c9c21e108d65f52b04c448

