General
Target: 41aa0081_by_Libranalysis
Size: 15KB
Sample: 210430-a52jek6x6j
MD5: 41aa008185070288d9ed724f7b6d019e
SHA1: c98c994bbd246a7e7393fc3ceb1797a894b31ed0
SHA256: 132d7c9fb98d25448d2e7dc93bdca6d804e17a206cf5a49fcbe4b682225a8cdd
SHA512: 0cfe8763f8af0778e460b26e6903ef0aa2a8fefe24f3d32c5e731acd516fec5cfdf48a70b356c1ad3145796fec020bf4d35b96831e74cb0ddd64a150598945b0
Static task: static1
Behavioral task: behavioral1
Sample: b86f05022834b63e29afc18378b503917c1b271d6254a703e558b72e1dacafc2.vbs
Resource: win7v20210410
Behavioral task: behavioral2
Sample: b86f05022834b63e29afc18378b503917c1b271d6254a703e558b72e1dacafc2.vbs
Resource: win10v20210408
Malware Config
Extracted
cobaltstrike
http://192.168.213.170:806/Rpc
user_agent
Host: outlook.live.com Accept: */* User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko)
Targets
Target: b86f05022834b63e29afc18378b503917c1b271d6254a703e558b72e1dacafc2
Size: 61KB
MD5: 309428cf862018e10264ae249398c09f
SHA1: 226789020acd5998326c0b6b51c6137de9ec827d
SHA256: b86f05022834b63e29afc18378b503917c1b271d6254a703e558b72e1dacafc2
SHA512: f1e742031586c5275121623447402d76830ad93b8acec94cf073de824752cbc7b9422a6e0907170378a15f41d62c8dbc7eb1b6c52d892b0011872878e396f823
Score: 10/10
Executes dropped EXE
Loads dropped DLL