General
-
Target
9d9d1c246ba83a646dd9537d665344d6a611e7a279dcfe288a377840c31fe89c
-
Size
192KB
-
Sample
220122-bq4z9sgfc3
-
MD5
ed91fde671cf730e03a46ac1d56a872d
-
SHA1
99210a1bd725ebedb3a0cb5420e466069794300e
-
SHA256
9d9d1c246ba83a646dd9537d665344d6a611e7a279dcfe288a377840c31fe89c
-
SHA512
b0da04a0916d222ee28cc603f92e0408780af53f16afb8cfc3cbc3948801a04d1c6da31838a7e670b03d9b163acc31172887965d62ccc76a308b4b7db552efac
Static task
static1
Behavioral task
behavioral1
Sample
9d9d1c246ba83a646dd9537d665344d6a611e7a279dcfe288a377840c31fe89c.dll
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
9d9d1c246ba83a646dd9537d665344d6a611e7a279dcfe288a377840c31fe89c.dll
Resource
win10-en-20211208
Malware Config
Extracted
cobaltstrike
0
http://86.106.131.207:443/visit.js
-
beacon_type
2048
-
host
86.106.131.207,/visit.js
-
http_header1
AAAABwAAAAAAAAADAAAABgAAAAZDb29raWUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
http_header2
AAAACgAAACZDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL29jdGV0LXN0cmVhbQAAAAcAAAAAAAAABQAAAAJpZAAAAAcAAAABAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
maxdns
255
-
pipe_name
\\%s\pipe\msagent_%x
-
polling_time
60000
-
port_number
443
-
state_machine
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCPtLEgPCPVf0beGg/KsNhh0t3fDTVA2x3BI6Xzs7PVZ/9ru8mRtmCG8vF66GWoocxUwgv8NmnNwNMd0JP+1Wrn2QaSuzt86mNw4qhBv9IcOTlbSSTU1hVNPqhLuM64/97mjkor6OK8AR2/GBN6nefT6370Fx46kkuhdIUBXuru9wIDAQABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
unknown1
4096
-
unknown2
AAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
uri
/submit.php
-
user_agent
Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; BOIE9;ENUS)
-
watermark
0
Targets
-
-
Target
9d9d1c246ba83a646dd9537d665344d6a611e7a279dcfe288a377840c31fe89c
-
Size
192KB
-
MD5
ed91fde671cf730e03a46ac1d56a872d
-
SHA1
99210a1bd725ebedb3a0cb5420e466069794300e
-
SHA256
9d9d1c246ba83a646dd9537d665344d6a611e7a279dcfe288a377840c31fe89c
-
SHA512
b0da04a0916d222ee28cc603f92e0408780af53f16afb8cfc3cbc3948801a04d1c6da31838a7e670b03d9b163acc31172887965d62ccc76a308b4b7db552efac
Score 3/10