Overview

overview

10

Static

static

10

9d9d1c246b...9c.dll

windows7_x64

3

9d9d1c246b...9c.dll

windows10_x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9d9d1c246ba83a646dd9537d665344d6a611e7a279dcfe288a377840c31fe89c

  • Size

    192KB

  • Sample

    220122-bq4z9sgfc3

  • MD5

    ed91fde671cf730e03a46ac1d56a872d

  • SHA1

    99210a1bd725ebedb3a0cb5420e466069794300e

  • SHA256

    9d9d1c246ba83a646dd9537d665344d6a611e7a279dcfe288a377840c31fe89c

  • SHA512

    b0da04a0916d222ee28cc603f92e0408780af53f16afb8cfc3cbc3948801a04d1c6da31838a7e670b03d9b163acc31172887965d62ccc76a308b4b7db552efac

Score
10/10
cobaltstrike0

Malware Config

Extracted

Family

cobaltstrike

Botnet

0

C2

http://86.106.131.207:443/visit.js

Attributes
  • beacon_type

    2048

  • host

    86.106.131.207,/visit.js

  • http_header1

    AAAABwAAAAAAAAADAAAABgAAAAZDb29raWUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==

  • http_header2

    AAAACgAAACZDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL29jdGV0LXN0cmVhbQAAAAcAAAAAAAAABQAAAAJpZAAAAAcAAAABAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==

  • maxdns

    255

  • pipe_name

    \\%s\pipe\msagent_%x

  • polling_time

    60000

  • port_number

    443

  • state_machine

    MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCPtLEgPCPVf0beGg/KsNhh0t3fDTVA2x3BI6Xzs7PVZ/9ru8mRtmCG8vF66GWoocxUwgv8NmnNwNMd0JP+1Wrn2QaSuzt86mNw4qhBv9IcOTlbSSTU1hVNPqhLuM64/97mjkor6OK8AR2/GBN6nefT6370Fx46kkuhdIUBXuru9wIDAQABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==

  • unknown1

    4096

  • unknown2

    AAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==

  • uri

    /submit.php

  • user_agent

    Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; BOIE9;ENUS)

  • watermark

    0

Targets

    • Target

      9d9d1c246ba83a646dd9537d665344d6a611e7a279dcfe288a377840c31fe89c

    • Size

      192KB

    • MD5

      ed91fde671cf730e03a46ac1d56a872d

    • SHA1

      99210a1bd725ebedb3a0cb5420e466069794300e

    • SHA256

      9d9d1c246ba83a646dd9537d665344d6a611e7a279dcfe288a377840c31fe89c

    • SHA512

      b0da04a0916d222ee28cc603f92e0408780af53f16afb8cfc3cbc3948801a04d1c6da31838a7e670b03d9b163acc31172887965d62ccc76a308b4b7db552efac

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks