General
-
Target
d0dd18fe48a4348c8ac59215f46923e9ebfc1373400c5ff881b3e2516f602216
-
Size
192KB
-
Sample
220122-atts2aehf7
-
MD5
9a26caecb97f0d98d128202bc4670ea7
-
SHA1
2b7343058813beb94719717437a0f1504dcad776
-
SHA256
d0dd18fe48a4348c8ac59215f46923e9ebfc1373400c5ff881b3e2516f602216
-
SHA512
c9db99771a71d613d0ef083679e68118c5c54cf81c436b251c3e325575e4c7ddd66e4846c173d68e8a750264508e7017dea4d45219186a669265b408cca50752
Static task
static1
Behavioral task
behavioral1
Sample
d0dd18fe48a4348c8ac59215f46923e9ebfc1373400c5ff881b3e2516f602216.dll
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
d0dd18fe48a4348c8ac59215f46923e9ebfc1373400c5ff881b3e2516f602216.dll
Resource
win10-en-20211208
Malware Config
Extracted (parsed Cobalt Strike Beacon configuration — the host, URI, headers and user-agent below are indicators carried in the sample itself and have not been independently validated as live infrastructure)
cobaltstrike
0
http://185.166.239.49:443/fwlink
-
beacon_type
2048
-
host
185.166.239.49,/fwlink
-
http_header1
AAAABwAAAAAAAAADAAAABgAAAAZDb29raWUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
http_header2
AAAACgAAACZDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL29jdGV0LXN0cmVhbQAAAAcAAAAAAAAABQAAAAJpZAAAAAcAAAABAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
maxdns
255
-
pipe_name (named-pipe pattern for SMB/peer-to-peer Beacon traffic; the `msagent_%x` form is the well-known Cobalt Strike default and a commonly used detection indicator)
\\%s\pipe\msagent_%x
-
polling_time (Beacon sleep interval; 60000 is presumably milliseconds, i.e. a 60-second check-in — confirm the unit against the extractor)
60000
-
port_number
443
-
state_machine (extractor's label for the Beacon's RSA public key: a base64 DER SubjectPublicKeyInfo — the `MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQ` prefix is the standard 1024-bit RSA header, the trailing `AAAA…` run is zero padding)
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCURrAU5kem3Cjm4im4VO5l4QipYdrQvA01OdZev8fY3wJ57F7HDlqgHWUtemUWYlUC7JbzcaGzEFIp6KvFsGFMO3JM2eemqHQMU1zKFfI1eJnioRcEb3A8fHtZcxej/6vTxQ6R05ISLCBehEQFWJUsQydb+/d3YxShQGKNjJPxNwIDAQABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
unknown1
4096
-
unknown2
AAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
uri
/submit.php
-
user_agent (hard-coded request User-Agent; the `qdesk 2.4.1263.203` token is atypical for a genuine browser string and can serve as a network detection indicator)
Mozilla/5.0 (compatible; MSIE 9.0; qdesk 2.4.1263.203; Windows NT 6.1; WOW64; Trident/5.0)
-
watermark (license ID embedded in the Beacon; a value of 0 is commonly seen in cracked or trial builds and should not be used for attribution)
0
Targets
-
-
Target
d0dd18fe48a4348c8ac59215f46923e9ebfc1373400c5ff881b3e2516f602216
-
Size
192KB
-
MD5
9a26caecb97f0d98d128202bc4670ea7
-
SHA1
2b7343058813beb94719717437a0f1504dcad776
-
SHA256
d0dd18fe48a4348c8ac59215f46923e9ebfc1373400c5ff881b3e2516f602216
-
SHA512
c9db99771a71d613d0ef083679e68118c5c54cf81c436b251c3e325575e4c7ddd66e4846c173d68e8a750264508e7017dea4d45219186a669265b408cca50752
Score: 3/10 (behavioral score only — it does not account for the extracted Cobalt Strike configuration above, which on its own is sufficient to treat the sample as malicious)