Overview

overview

10

Static

static

10

d1c6948645...f4.dll

windows7_x64

1

d1c6948645...f4.dll

windows10_x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d1c694864523ee13235c70fb120b4605c07f840a0d2cee2b2707c7dfc9ec45f4

  • Size

    207KB

  • Sample

    201111-mnmfa1tth2

  • MD5

    c8b50ca983b80b94c80a2257c36147d3

  • SHA1

    48e7150a0f125cf3cd4ff3e0978c0460815acb5c

  • SHA256

    d1c694864523ee13235c70fb120b4605c07f840a0d2cee2b2707c7dfc9ec45f4

  • SHA512

    edc4ca08df47aa9c8e10c642777a43d4ec7a8e356eb1dce8c1c598d53d03bf634ea35785cc8f9ef5cfa353db488d593bc2c1a972f1968ea6c30408e3d6ab16e8

Score
10/10
cobaltstrike

Malware Config

Extracted

Family

cobaltstrike

C2

http://103.140.238.161:30030/cx

Attributes
  • access_type

    512

  • host

    103.140.238.161,/cx

  • http_header1

    AAAABwAAAAAAAAADAAAABgAAAAZDb29raWUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==

  • http_header2

    AAAACgAAACZDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL29jdGV0LXN0cmVhbQAAAAcAAAAAAAAABQAAAAJpZAAAAAcAAAABAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==

  • http_method1

    GET

  • http_method2

    POST

  • maxdns

    255

  • polling_time

    60000

  • port_number

    30030

  • sc_process32

    %windir%\syswow64\rundll32.exe

  • sc_process64

    %windir%\sysnative\rundll32.exe

  • state_machine

    MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCXwZo072LtFKrgYKfQcTtBZ0rqTla3DgTgFfM0W2hQui/FSYewy1zy3TKHATwGx6Jll7n5vJ1fH3Xz9yvlAfB/OtIqT0Vbw9IAeB8iwhexEI4yA0h83Zz3dNmrX7LQWopv4GAS46fHCFeiKzRrbSfX7qAQ2j4glSQBrUggA8Gg6wIDAQABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==

  • unknown1

    4096

  • unknown2

    AAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==

  • uri

    /submit.php

  • user_agent

    Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; NP06)

Targets

    • Target

      d1c694864523ee13235c70fb120b4605c07f840a0d2cee2b2707c7dfc9ec45f4

    • Size

      207KB

    • MD5

      c8b50ca983b80b94c80a2257c36147d3

    • SHA1

      48e7150a0f125cf3cd4ff3e0978c0460815acb5c

    • SHA256

      d1c694864523ee13235c70fb120b4605c07f840a0d2cee2b2707c7dfc9ec45f4

    • SHA512

      edc4ca08df47aa9c8e10c642777a43d4ec7a8e356eb1dce8c1c598d53d03bf634ea35785cc8f9ef5cfa353db488d593bc2c1a972f1968ea6c30408e3d6ab16e8

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks