General
-
Target
ca502bdf0f154e480dd474096eaabeb1b10084c68e050f92461e93d1fd505c34(1).zip
-
Size
259KB
-
Sample
210302-2g7pva1rt2
-
MD5
119be3e89dd1560abf2d1b98a696205b
-
SHA1
4bbb161523105521533670ce7bd1ab158bcf634c
-
SHA256
43e87f3969a80c2e3f7ba3e8823309892ab2625a1a5c2bb7b2012f131621cd29
-
SHA512
eb176073a59fcc82d226351836911cf93faabc7a96d8d4d7c88ed893a0986d7d870f5161cb72d1a308b12675bc93e0417cae4ed0d5678f5f666d6d859b8b29ba
Static task
static1
Behavioral task
behavioral1
Sample
test_vmray.ps1
Resource
win7v20201028
Behavioral task
behavioral2
Sample
test_vmray.ps1
Resource
win10v20201028
Malware Config
Extracted
cobaltstrike
-
beacon_type
512
-
http_header1
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
http_header2
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
pipe_name
\\%s\pipe\PIPE_EVENTROOT\CIMV2SCM EVENT PROVIDER%x
-
polling_time
10000
-
port_number
4444
-
sc_process32
%windir%\syswow64\svchost.exe -k netsvcs
-
sc_process64
%windir%\sysnative\svchost.exe -k netsvcs
-
state_machine (base64; the value decodes to a DER-encoded RSA public key followed by zero padding)
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCONA8A72Bdn9495nGRpH9z/+z9E5p4nAmFzZqqyWaICLLT7ligrLTVitGEz6iZ4mPBPW6QfHDnCJYloBF9e0cC8v0seI2/VZmTso0f3vrTJEf6NdlRzYD/MQnkDCrPHKa+Z2stc9sKKG0nz6i4IXTN+D1SkTO1dl6vkeXpCWIdCQIDAQABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
unknown1
4096
-
unknown2
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
Targets
-
-
Target
test_vmray.ps1
-
Size
514KB
-
MD5
8c147be542bb5a80764a758514b7a0cc
-
SHA1
9b7070a20f9597947e4a3d11b0147d5398beb670
-
SHA256
ca502bdf0f154e480dd474096eaabeb1b10084c68e050f92461e93d1fd505c34
-
SHA512
711d024bbd234a9e5470fa5265695576329147974d38fe0f97d86e91e0c2a150d056d70059d9c9e8d1b76d0c4dd496eb66eb1e13728fe2bf1399ad686be7eb55
Score
10/10
-