General
Target
339c7ac759b7ef0ab8e2a9434f53fcd212786575b08b4b41687ab10fdcf2c502
Size
17KB
Sample
210507-lrffjyl1w6
MD5
60a1bfe619b2dc1cec9f3f61762255f4
SHA1
0c71506f28da58c9c90a0008eafae21309f729b7
SHA256
339c7ac759b7ef0ab8e2a9434f53fcd212786575b08b4b41687ab10fdcf2c502
SHA512
1bbeddebc065360a49b0cea2a0e876a6237baca850cb75f73ee94fb6c37858c0c2f1274fe9a5a4ee2a8e739a3385d389ba702130a8dea98adde4043820bc926c
Static task
static1
Behavioral task
behavioral1
Sample
339c7ac759b7ef0ab8e2a9434f53fcd212786575b08b4b41687ab10fdcf2c502.exe
Resource
win7v20210408
Behavioral task
behavioral2
Sample
339c7ac759b7ef0ab8e2a9434f53fcd212786575b08b4b41687ab10fdcf2c502.exe
Resource
win10v20210410
Malware Config
Extracted
cobaltstrike
http://95.181.157.170:80/uNIQ
user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)
Targets
Target
339c7ac759b7ef0ab8e2a9434f53fcd212786575b08b4b41687ab10fdcf2c502
Score
10/10
Suspicious use of NtCreateProcessExOtherParentProcess