General

  • Target

    1306d503c12bb4e2491777ac83d09e912eb1c95331a41fa86cfd7e9da3f7a722

  • Size

    72KB

  • MD5

    66b640e8a15f5a5d566bbe46671290f3

  • SHA1

    2c0ca117384c3de414f9a932cb471b845c1631da

  • SHA256

    1306d503c12bb4e2491777ac83d09e912eb1c95331a41fa86cfd7e9da3f7a722

  • SHA512

    0e5488d1b20a0cbd756fd4818207b39fba4c2d468de287f7afd369606efeaa8191ce4003817552ceeedd018a539e17fae9377f95b5141a6b030dcbdb6657f809

  • SSDEEP

    1536:Irr75Y62bCY7EcoE2jsPmiFMb+KR0Nc8QsJq39:k7BqIcwsPmQe0Nc8QsC9

Score
10/10

Malware Config

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

10.10.1.13:444

Signatures

  • Metasploit family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 1306d503c12bb4e2491777ac83d09e912eb1c95331a41fa86cfd7e9da3f7a722
    .exe windows:4 windows x86 arch:x86

    481f47bbb2c9c21e108d65f52b04c448

