General
-
Target
df3a183cd356d14ca1dee36a0376de8ed7d8be2451e3e191caca004cbdba568d
-
Size
4.0MB
-
Sample
220122-alcvjsfaal
-
MD5
3533c61681c33d5c17d8ff7a769e1592
-
SHA1
56b85b40625ef09127b0af70a4d19a8fa4e0016c
-
SHA256
df3a183cd356d14ca1dee36a0376de8ed7d8be2451e3e191caca004cbdba568d
-
SHA512
830ead8268be865b25891e5e3a9a4384588325a5784ee987d55f72c9f0f67289b1f46b13705b880a76f08474cc781fd03e29c4fedbc6128886f0eea78b59dac0
Static task
static1
Behavioral task
behavioral1
Sample
df3a183cd356d14ca1dee36a0376de8ed7d8be2451e3e191caca004cbdba568d.dll
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
df3a183cd356d14ca1dee36a0376de8ed7d8be2451e3e191caca004cbdba568d.dll
Resource
win10-en-20211208
Malware Config
Extracted
cobaltstrike
0
http://86.106.131.207:443/visit.js
-
beacon_type
2048
-
host
86.106.131.207,/visit.js
-
http_header1
AAAABwAAAAAAAAADAAAABgAAAAZDb29raWUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
http_header2
AAAACgAAACZDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL29jdGV0LXN0cmVhbQAAAAcAAAAAAAAABQAAAAJpZAAAAAcAAAABAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
maxdns
255
-
pipe_name
\\%s\pipe\msagent_%x
-
polling_time
60000
-
port_number
443
-
state_machine
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCPtLEgPCPVf0beGg/KsNhh0t3fDTVA2x3BI6Xzs7PVZ/9ru8mRtmCG8vF66GWoocxUwgv8NmnNwNMd0JP+1Wrn2QaSuzt86mNw4qhBv9IcOTlbSSTU1hVNPqhLuM64/97mjkor6OK8AR2/GBN6nefT6370Fx46kkuhdIUBXuru9wIDAQABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
unknown1
4096
-
unknown2
AAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
uri
/submit.php
-
user_agent
Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; BOIE9;ENUS)
-
watermark
0
Targets
-
-
Target
df3a183cd356d14ca1dee36a0376de8ed7d8be2451e3e191caca004cbdba568d
-
Size
4.0MB
-
MD5
3533c61681c33d5c17d8ff7a769e1592
-
SHA1
56b85b40625ef09127b0af70a4d19a8fa4e0016c
-
SHA256
df3a183cd356d14ca1dee36a0376de8ed7d8be2451e3e191caca004cbdba568d
-
SHA512
830ead8268be865b25891e5e3a9a4384588325a5784ee987d55f72c9f0f67289b1f46b13705b880a76f08474cc781fd03e29c4fedbc6128886f0eea78b59dac0
Score 3/10