Overview

overview

10

Static

static

10

914de6ab09...6b.dll

windows7_x64

1

914de6ab09...6b.dll

windows10_x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    914de6ab09a9a2d6a2f8118e2068416b

  • Size

    207KB

  • Sample

    201117-rthr8383tn

  • MD5

    9cfc38ee4e490a9c71e356c27f7dff3e

  • SHA1

    6ab49e0109182ce9bde3d0a6c68c097f639d377b

  • SHA256

    a9b97ed0f52f405a812e2aa42ee1962e05a7497e4b6e88ea4b3d31dc7db471ca

  • SHA512

    2f572d2fb331f227bf71aa78362281ad81e10c1670bb09b4566dae5f161796f1703692749e7dfb3f523531416c1c5ae8626797c3c5902436de5e937ed6e3d5e7

Score
10/10
cobaltstrike

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.10.147:5556/push

Attributes
  • access_type

    512

  • host

    192.168.10.147,/push

  • http_header1

    AAAABwAAAAAAAAADAAAABgAAAAZDb29raWUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==

  • http_header2

    AAAACgAAACZDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL29jdGV0LXN0cmVhbQAAAAcAAAAAAAAABQAAAAJpZAAAAAcAAAABAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==

  • http_method1

    GET

  • http_method2

    POST

  • maxdns

    255

  • polling_time

    60000

  • port_number

    5556

  • sc_process32

    %windir%\syswow64\rundll32.exe

  • sc_process64

    %windir%\sysnative\rundll32.exe

  • state_machine

    MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC10V2CX5cBjYcPIsw2huRaohIre5LXeDVuHaU0Cx6nZGm6geVbaAUDvgRDs2bTuCiCSYe7N/ZCwD6qg3Cs4rgqwQ2Rd10GrR7SJxea+QZGhoy9pcyUbrWOblw6amo/MCPRU+cqOafkfALn5NnYbOE6pxBMzNYtH7nHfQ9Ks4oCjwIDAQABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==

  • unknown1

    4096

  • unknown2

    AAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==

  • uri

    /submit.php

  • user_agent

    Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; BOIE9;NLNL)

Targets

    • Target

      914de6ab09a9a2d6a2f8118e2068416b

    • Size

      207KB

    • MD5

      9cfc38ee4e490a9c71e356c27f7dff3e

    • SHA1

      6ab49e0109182ce9bde3d0a6c68c097f639d377b

    • SHA256

      a9b97ed0f52f405a812e2aa42ee1962e05a7497e4b6e88ea4b3d31dc7db471ca

    • SHA512

      2f572d2fb331f227bf71aa78362281ad81e10c1670bb09b4566dae5f161796f1703692749e7dfb3f523531416c1c5ae8626797c3c5902436de5e937ed6e3d5e7

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks