General
-
Target
bjh.7z
-
Size
792KB
-
Sample
220108-pldjeadab9
-
MD5
b49756fe5fe43ec29b7cf127c0c75055
-
SHA1
615bc4a10505cae9d2c760d578196f6315dcbf48
-
SHA256
3fa703e1d556c84938fa6260fd19c812b4a05a582df95ed8cf2e4eb494f74fde
-
SHA512
605d7a719c638812e6b56a19c5ea9e4f22ffe07b01cfaf9e97dc1dbc1954872c80a0e9de1f7abc33057f467564e3f8eb9c18c374d24a554f1471e086c6250c4e
Static task
static1
Behavioral task
behavioral1
Sample
jcef_helper.exe
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
jcef_helper.exe
Resource
win10-en-20211208
Behavioral task
behavioral3
Sample
libcef.dll
Resource
win7-en-20211208
Behavioral task
behavioral4
Sample
libcef.dll
Resource
win10-en-20211208
Malware Config
Extracted
cobaltstrike
20410727
http://111.123.50.143:443/c/msdownload/update/others/2021/10/29136388_
http://111.41.56.173:443/c/msdownload/update/others/2021/10/29136388_
http://218.68.91.40:443/c/msdownload/update/others/2021/10/29136388_
http://183.192.164.125:443/c/msdownload/update/others/2021/10/29136388_
-
access_type
512
-
beacon_type
2048
-
host
111.123.50.143,/c/msdownload/update/others/2021/10/29136388_,111.41.56.173,/c/msdownload/update/others/2021/10/29136388_,218.68.91.40,/c/msdownload/update/others/2021/10/29136388_,183.192.164.125,/c/msdownload/update/others/2021/10/29136388_
-
http_header1
AAAACgAAAAtBY2NlcHQ6ICovKgAAAAcAAAAAAAAADQAAAAEAAAAELmNhYgAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
-
http_header2
AAAACgAAAAtBY2NlcHQ6ICovKgAAAAcAAAAAAAAADQAAAAEAAAAELmNhYgAAAAwAAAAHAAAAAQAAAA0AAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
-
http_method1
GET
-
http_method2
POST
-
jitter
2560
-
polling_time
60000
-
port_number
443
-
sc_process32
%windir%\syswow64\wuauclt.exe
-
sc_process64
%windir%\sysnative\wuauclt.exe
-
state_machine
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCfV7huVJOwPd8CSFoVk0MTd22Mdcih2TPn+E5z0nSvRP6CjkeS2oX0KywSL6JqPNwGNMGspBdLcWipYaE4c7bx59o0NjvU5qIaUqP+v1JIVnqL1pURznjBRhpjq4tbrrhugBGc0NycZ6Yg7TzxysAFm/+IrFyylTUQSl//57EIDwIDAQABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
unknown1
1.448416512e+09
-
unknown2
AAAABAAAAA0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
uri
/c/msdownload/update/others/2021/10/3215234_
-
user_agent
Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.31
-
watermark
20410727
Targets
-
-
Target
jcef_helper.exe
-
Size
720KB
-
MD5
02b6f7bd556e311ea0a6db767a790d56
-
SHA1
65d5f8b05fa2cdbbd14c147545aa236457cde5a5
-
SHA256
97ed6221334e20650504e0ba8964687b66fcf89172a633ebcd6c1da09663405f
-
SHA512
4a7f49a4487b0cbd4017c1cac1fb6484fa94efe681c236823d6ab4539b6c5a6038022a8e795b71d9b8336b4b1be6a9865101e7b6e9192e5bfef81188052c3e9e
Score 10/10
-
-
Target
libcef.dll
-
Size
1.5MB
-
MD5
9d78d3951d228f3c0a343e4754b80abc
-
SHA1
53fbc461990975c05e368807496343176976949f
-
SHA256
e91bece5ca4dd53ddcf926b4d132905124d214457f86e0ed4dd01d904907cef4
-
SHA512
2d510b3d39ef66bf18bd9c44688a738eca18ae11c13fa65c4988e98da3b11337fd568b1169db36cb4aaa19440a1a110c63e0387c3efc19c0118fabef33addff2
Score 3/10