Analysis
-
max time kernel
122s -
max time network
122s -
platform
windows7_x64 -
resource
win7-en-20211208 -
submitted
14-12-2021 13:51
Static task
static1
Behavioral task
behavioral1
Sample
oben32.dll
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
oben32.dll
Resource
win10-en-20211208
General
-
Target
oben32.dll
-
Size
354KB
-
MD5
b873bfa8dec8c3a1f62c30903e59e849
-
SHA1
2c4aaefe0c20843db9b9f4996d42c7563b081097
-
SHA256
fba9dd0ebb8d838fa394cda10dca50450d8c0fc6158deff38904072140d64507
-
SHA512
a8c0a467788335297f34b9a60401b0ef50e023d0efc0b77eaf560decc785ed2c2b79534e14451aab747e307baa057fad0956e2941ff28b9995d4dbbd6e762457
Malware Config
Extracted
cobaltstrike
http://api.musicbee.getlist.destinycraftpe.com:443/azure/v2/api
-
user_agent
Content-Type: application/json accept: */* cookie: HSID=cl0gxhLgPAirQvdbj sec-ch-ua: Chromium;v=91 sec-ch-ua-mobile: ?0 sec-fetch-site: same-site sec-fetch-mode: cors sec-fetch-dest: empty accept-encoding: gzip, deflate accept-language: en X-Amz-Cf-Pop: HTL55-C2 User-Agent: MusicBee/3.4
Signatures
-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.