General
-
Target
d8e1403446ac131ac3b62ce10a3ee93e385481968f21658779e084545042840f
-
Size
192KB
-
Sample
220122-apd7safbem
-
MD5
f47ef8b72499da7a20d0765fcd0c91cf
-
SHA1
5ef8259662471c95ef198091e9ef5f81aa2fa855
-
SHA256
d8e1403446ac131ac3b62ce10a3ee93e385481968f21658779e084545042840f
-
SHA512
6c593fc793136fee992ac291e2da838937a5ac1f248c2f3838a12105387bbbeb859badd5baa7d24d518c08bd41bbc158d804b0421c4ad3395e6d61bc59691fab
Static task
static1
Behavioral task
behavioral1
Sample
d8e1403446ac131ac3b62ce10a3ee93e385481968f21658779e084545042840f.dll
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
d8e1403446ac131ac3b62ce10a3ee93e385481968f21658779e084545042840f.dll
Resource
win10-en-20211208
Malware Config
Extracted
cobaltstrike
0
http://updatesupermaster.info:443/push
http://93.113.131.162:443/cx
-
beacon_type
2048
-
host
updatesupermaster.info,/push,93.113.131.162,/cx
-
http_header1
AAAABwAAAAAAAAADAAAABgAAAAZDb29raWUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
http_header2
AAAACgAAACZDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL29jdGV0LXN0cmVhbQAAAAcAAAAAAAAABQAAAAJpZAAAAAcAAAABAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
maxdns
255
-
pipe_name
\\%s\pipe\msagent_%x
-
polling_time
60000
-
port_number
443
-
state_machine
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCEebq+4PL5n/BCjIoX5KVAbqqzFHHELNlq/vOwCFDYDqc7O7Rmp3qTRDlidnTNAxiHdvWnEzx78We8vDU+BlvxqmygY2LJe2U65GOIJ9kyN3ItBgyaJ9Gs8TXynB5WPhafCYdsYQLSXbHlB4Q4t+J6f8ES0+0JOZpZSvPvE7Y/WQIDAQABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
unknown1
4096
-
unknown2
AAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
uri
/submit.php
-
user_agent
Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0)
-
watermark
0
Targets
-
-
Target
d8e1403446ac131ac3b62ce10a3ee93e385481968f21658779e084545042840f
-
Size
192KB
-
MD5
f47ef8b72499da7a20d0765fcd0c91cf
-
SHA1
5ef8259662471c95ef198091e9ef5f81aa2fa855
-
SHA256
d8e1403446ac131ac3b62ce10a3ee93e385481968f21658779e084545042840f
-
SHA512
6c593fc793136fee992ac291e2da838937a5ac1f248c2f3838a12105387bbbeb859badd5baa7d24d518c08bd41bbc158d804b0421c4ad3395e6d61bc59691fab
Score3/10 -