General

  • Target

    payload.exe

  • Size

    72KB

  • MD5

    5599169a405694cf73e91062bc236e7d

  • SHA1

    00d234c39bf2666586eed9ee6ec098a0ff8a9c2f

  • SHA256

    2b5d10983c0b474359c6cf239a0ea33573a0bb0382ba177cc06e3c4b68b1fe6e

  • SHA512

    aabe0d7b6bafda1c059c3e2d9b053ce34850a455a80878fcd789f0a7369964270a546cab765c6577456617c2910ff7b92a1f4775925232d9eea7c441537cc6d2

  • SSDEEP

    1536:IHyDeoQgXakbwrk+4enwqGZsOkMb+KR0Nc8QsJq39:+sBQDk/Pcw6e0Nc8QsC9

Score
10/10

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

75.132.112.158:4444

Signatures

  • Metasploit family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • payload.exe
    .exe windows:4 windows x86 arch:x86

    481f47bbb2c9c21e108d65f52b04c448

