General

  • Target

    5eecdfb5acfc9885f2939b5f3964cbb9

  • Size

    72KB

  • MD5

    5eecdfb5acfc9885f2939b5f3964cbb9

  • SHA1

    cf56495a4ef9e5e38635f0c5fff7572c9cc34e4e

  • SHA256

    28a0a5d6c9446d2ef6cc74f108d8a7b32a48eca80fe5b0711648d4f75ac22b0c

  • SHA512

    37def9cafda5634a5833b84d1bbe04b187bbcd62b05ff2f54ea2081c31d89e3e4e2649820088de9ac7ddb83124d404c907c12a581ffef794296217827ad9a5b4

  • SSDEEP

    1536:I41MO13mISaTVUBChgllo0CmAg0Mb+KR0Nc8QsJq39:VvVmISapsChuo0HAg0e0Nc8QsC9

Score
10/10

Malware Config

Extracted

  • Family

    metasploit

  • Version

    windows/shell_reverse_tcp

  • C2

    87.7.3.176:4444

Signatures

  • Metasploit family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 5eecdfb5acfc9885f2939b5f3964cbb9
    .exe windows:4 windows x86 arch:x86

    481f47bbb2c9c21e108d65f52b04c448

