General

  • Target

    e83602399d36b5d0c59bb8c45041893a0e9f464a50ef7343a597a563277f38dd

  • Size

    72KB

  • MD5

    b6a956de4abc5f0537c3d3270df6e4c1

  • SHA1

    dcd1de99e77fbd8dc76c4acc5eeab84cccd78c5f

  • SHA256

    e83602399d36b5d0c59bb8c45041893a0e9f464a50ef7343a597a563277f38dd

  • SHA512

    4e6ac98a0399f56454445c6ae7d859222acdef666f22417fa26887db1a287a70ff440d4540ed569a884c45cf79f813f4c90d9723b5c75e154d25c334c02efab0

  • SSDEEP

    1536:IMfAtvnP3s5KkoymCYNLWUHMb+KR0Nc8QsJq39:hfGvnP3oKoaLWUHe0Nc8QsC9

Score
10/10

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

192.168.56.102:4444

Signatures

  • Metasploit family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • e83602399d36b5d0c59bb8c45041893a0e9f464a50ef7343a597a563277f38dd
    .exe windows:4 windows x86 arch:x86

    481f47bbb2c9c21e108d65f52b04c448

