General
-
Target
6146617528975360.zip
-
Size
193KB
-
Sample
210916-tb73gsgehn
-
MD5
546617754873d17e954b25fed4ca5616
-
SHA1
2949ffc546c7736e210549a109ad3c8f64c88bbf
-
SHA256
d86d58db6cfe6500e1b84fc2b0a00ea0b42b48b05cf5860a3524345226e07692
-
SHA512
ae3cffa9a279e43a9ed1db55d6408721a69760e26ce4398642b3bbd3e583b660d1de9d8e922798696b21cbe802f02e9bc0db85616e8da682dabd270d7c70e3ee
Static task
static1
Behavioral task
behavioral1
Sample
0e83b5879826b7959ec265e079d12608101de7230c4d9437f36e25b64d752153.exe
Resource
win7v20210408
Behavioral task
behavioral2
Sample
0e83b5879826b7959ec265e079d12608101de7230c4d9437f36e25b64d752153.exe
Resource
win10-en
Malware Config
Extracted
cobaltstrike
1359593325
http://boostetits.com:443/sm.html
-
access_type
512
-
beacon_type
2048
-
host
boostetits.com,/sm.html
-
http_header1
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
-
http_header2
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
-
http_method1
GET
-
http_method2
POST
-
jitter
10496
-
polling_time
60760
-
port_number
443
-
sc_process32
%windir%\syswow64\svchost.exe
-
sc_process64
%windir%\sysnative\svchost.exe
-
state_machine
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCKU1xujxzrHeO9D8BsRvJVZrfizeI8sjgj5QC3c87G6F2YVpcA/rBR8wbUTHSukPzLtkePY4qsHnp3VCOlkfRlynX4rvtiqWlNLM2+O4FV5xXA4UFUJmd5JDQjQiavEE4NisuGCSGvgMYjbq+yBg4Gtbgp7Nb9UsZkADcDtTnQiQIDAQABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
unknown1
7.8457344e+07
-
unknown2
AAAABAAAAAIAAAJYAAAAAwAAAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
uri
/posting
-
user_agent
Mozilla/5.0 (Linux; Android 6.0; HTC One X10 Build/MRA58K; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0
-
watermark
1359593325
Targets
-
-
Target
0e83b5879826b7959ec265e079d12608101de7230c4d9437f36e25b64d752153
-
Size
219KB
-
MD5
f233f6e17dabd9fe364c100111b5bc7a
-
SHA1
f39df1204bf278eb7a40eef1418c3278b9b106dc
-
SHA256
0e83b5879826b7959ec265e079d12608101de7230c4d9437f36e25b64d752153
-
SHA512
11c3d400ba8412c037a9e30f687cdb817e959bf711ee67f3117bf9a781832584963681608e2360949203f6702dad396dd3c7955921b08632d19cffaabcf549f4
Score 10/10