General

  • Target

    79e925732ceb942e8df8b0eb55779cd035db0f4a7e941654008709ff8a1eefef

  • Size

    226KB

  • MD5

    ba70e40dccd051da4138cfde3f774124

  • SHA1

    466c781a357204c166e1efb66e13c8830fc21f32

  • SHA256

    79e925732ceb942e8df8b0eb55779cd035db0f4a7e941654008709ff8a1eefef

  • SHA512

    f81846f8b8d8e54fd671191c00a545bd643c91a6adca20a89b1d59c1bbb31fea4a28150ea5ce167959e3bcd3e61e49735d216eb199fa9e34de15b7f0e98f6645

  • SSDEEP

    1536:v5tQMZLXIqgeQnsPQsioHkOkBwhGePs1n7l3oKTFbzGhFt462X6spi7q3fmGCLPu:htbUq/R24WTFzlol4evXqXm3/Vf6

Score
10/10

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

192.168.1.114:4302

Signatures

  • Metasploit family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 79e925732ceb942e8df8b0eb55779cd035db0f4a7e941654008709ff8a1eefef
    .exe windows:4 windows x86 arch:x86

    1318c234b25d8961fe718efa68a6b0ef

