General
-
Target
9127f4731cb668c005941f22e29406e5973f97a54faa0ea3d8b91b163e37b19a
-
Size
767KB
-
Sample
210428-fsml5dmzqx
-
MD5
38ac03e53cdc3c34a0ac359037c5684d
-
SHA1
c012eb2f47685d8c0d78936cd50591f26d15c4d5
-
SHA256
9127f4731cb668c005941f22e29406e5973f97a54faa0ea3d8b91b163e37b19a
-
SHA512
d880704dc01dddf4741fa03b53a6152b0dbb0b531780fc736fd8c81c51928f5d89e445535b57245155081d79990b8b8944e3c8d9f0aa3812ed19ba84004b23cb
Static task
static1
Behavioral task
behavioral1
Sample
9127f4731cb668c005941f22e29406e5973f97a54faa0ea3d8b91b163e37b19a.exe
Resource
win7v20210410
Behavioral task
behavioral2
Sample
9127f4731cb668c005941f22e29406e5973f97a54faa0ea3d8b91b163e37b19a.exe
Resource
win10v20210408
Malware Config
Extracted
cobaltstrike (Cobalt Strike Beacon configuration; note that the C2 hosts below are microsoft.com domain names, which suggests domain fronting or a spoofed Host header — resolve the actual destination IPs from the sandbox network capture before adding anything to a blocklist)
0
http://vepcdn.microsoft.com:80/lite/static/js/1826.f1c2fa77.chunk.js
http://download.visualstudio.microsoft.com:80/lite/static/js/1826.f1c2fa77.chunk.js
-
access_type
512
-
host
vepcdn.microsoft.com,/lite/static/js/1826.f1c2fa77.chunk.js,download.visualstudio.microsoft.com,/lite/static/js/1826.f1c2fa77.chunk.js
-
http_header1
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
-
http_header2
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
-
http_method1
GET
-
http_method2
POST
-
jitter (raw parsed value; Cobalt Strike normally stores jitter as a percentage in the range 0–99, so a value of 9472 should be re-checked with a second config parser before it is relied on)
9472
-
polling_time (beacon sleep interval, presumably in milliseconds — roughly 57 seconds between check-ins before jitter is applied)
57305
-
port_number
80
-
sc_process32 (spawnto target for 32-bit post-exploitation jobs — child processes of the beacon that are injected into; hunt for dllhost.exe instances with an unexpected parent or with outbound network activity)
%windir%\syswow64\dllhost.exe
-
sc_process64 (spawnto target for 64-bit post-exploitation jobs; same hunting guidance as the 32-bit entry)
%windir%\sysnative\dllhost.exe
-
state_machine (despite the label, the value appears to be a base64 DER-encoded RSA-1024 public key — the SubjectPublicKeyInfo prefix MIGfMA0GCSqGSIb3DQEB… — zero-padded; this is the team server's public key used to encrypt beacon metadata and is a strong pivot indicator for clustering samples from the same operator)
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDDa14pI+KHc4hacVJaYyMZHO0bzpDtNhP+JNn5mApEDAj9xpSHnp8rVq0Ekc9691bMZnfxnHdhxmXcSdPtBtI/nTtBlOnO/FZx9YuRssfXOP63XJ5eosw0DH6V5MM5EtAGUAlxGRS0okFP14AH9ACPjPhNXKgUhfGoWfDbnpwJnQIDAQABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
unknown1
7.28438016e+08
-
unknown2
AAAABAAAAAEAAAX8AAAAAgAAAHMAAAACAAAPYQAAAA0AAAAPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
uri
/lite/static/js/4464.c01c0ad8.chunk.js
-
user_agent (hard-coded in the profile; combine this exact string with the URI paths above for network detection rather than matching on the Microsoft hostnames alone)
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4280.141 Safari/537.36
-
watermark (0 — no license watermark present; this is commonly associated with leaked or cracked builds and cannot be used to attribute the operator)
0
Targets
-
-
Target
9127f4731cb668c005941f22e29406e5973f97a54faa0ea3d8b91b163e37b19a
-
Size
767KB
-
MD5
38ac03e53cdc3c34a0ac359037c5684d
-
SHA1
c012eb2f47685d8c0d78936cd50591f26d15c4d5
-
SHA256
9127f4731cb668c005941f22e29406e5973f97a54faa0ea3d8b91b163e37b19a
-
SHA512
d880704dc01dddf4741fa03b53a6152b0dbb0b531780fc736fd8c81c51928f5d89e445535b57245155081d79990b8b8944e3c8d9f0aa3812ed19ba84004b23cb
Score: 10/10