General
-
Target
cbca9a92a6aa067ff4cab8f1d34ec49ffc9a06c90881f48da369c973182ce06d
-
Size
207KB
-
Sample
220124-dxhfysbag7
-
MD5
721254f41286717aa1cd9d7d652a9fa1
-
SHA1
b48e7a639d2e51e2ae2efdebb0723fe1f8dd84e6
-
SHA256
cbca9a92a6aa067ff4cab8f1d34ec49ffc9a06c90881f48da369c973182ce06d
-
SHA512
5aae8ff3790085e98ec5c20719f15b70b8e225c105ae0f284c0a3d89d6fbb4c93153c8286523ddc0dad371d6a1bc4544718017919a87af456f7376ed129337cb
Static task
static1
Behavioral task
behavioral1
Sample
cbca9a92a6aa067ff4cab8f1d34ec49ffc9a06c90881f48da369c973182ce06d.dll
Resource
win7-en-20211208
Behavioral task
behavioral2
Sample
cbca9a92a6aa067ff4cab8f1d34ec49ffc9a06c90881f48da369c973182ce06d.dll
Resource
win10-en-20211208
Malware Config
Extracted
cobaltstrike
0
http://summerevent.webhop.net:443/safebrowsing/rd/tnOztRgLx1ugKt8uumGcreRFm5CqXD9ge-zzz5sA6WzhC
(C2 endpoint reconstructed from the extracted config: host summerevent.webhop.net, port 443. webhop.net is a dynamic-DNS domain, so the resolved IP can change over time — pivot and block on the hostname and the /safebrowsing/rd/ URI pattern rather than on a single IP. The scheme is rendered as http:// on port 443; confirm whether the beacon actually speaks TLS on this port before building a cleartext-HTTP-on-443 detection around it.)
-
access_type
512
-
beacon_type
2048
-
crypto_scheme
256
-
host
summerevent.webhop.net,/safebrowsing/rd/tnOztRgLx1ugKt8uumGcreRFm5CqXD9ge-zzz5sA6WzhC
-
http_header1 (http-get client transform, shown as base64 of the raw config blob; it decodes to constant Accept / Accept-Language / Accept-Encoding headers, then: build metadata → netbios-encode → prepend "PREF=ID=" → place in the Cookie header. This layout is consistent with the publicly available "safebrowsing" Malleable C2 profile, so the Cookie prefix PREF=ID= plus the /safebrowsing/rd/ URI is a reusable network signature.)
AAAACgAAAEdBY2NlcHQ6IHRleHQvaHRtbCxhcHBsaWNhdGlvbi94aHRtbCt4bWwsYXBwbGljYXRpb24veG1sO3E9MC45LCovKjtxPTAuOAAAAAoAAAAfQWNjZXB0LUxhbmd1YWdlOiBlbi1VUyxlbjtxPTAuNQAAAAoAAAAeQWNjZXB0LUVuY29kaW5nOiBnemlwLCBkZWZsYXRlAAAABwAAAAAAAAAIAAAAAgAAAAhQUkVGPUlEPQAAAAYAAAAGQ29va2llAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
http_header2 (http-post client transform, same encoding as http_header1; it decodes to: build session id → netbios-encode → prepend "U=sRv85UHijBrrWiHz" → prepend "PREF=ID=" → place in the Cookie header, followed by build output → print, i.e. task output is sent unencoded in the POST body.)
AAAACgAAAEdBY2NlcHQ6IHRleHQvaHRtbCxhcHBsaWNhdGlvbi94aHRtbCt4bWwsYXBwbGljYXRpb24veG1sO3E9MC45LCovKjtxPTAuOAAAAAoAAAAfQWNjZXB0LUxhbmd1YWdlOiBlbi1VUyxlbjtxPTAuNQAAAAoAAAAeQWNjZXB0LUVuY29kaW5nOiBnemlwLCBkZWZsYXRlAAAABwAAAAAAAAAIAAAAAgAAABJVPXNSdjg1VUhpakJycldpSHoAAAACAAAACFBSRUY9SUQ9AAAABgAAAAZDb29raWUAAAAHAAAAAQAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
http_method1
GET
-
http_method2
POST
-
jitter
3840
-
maxdns
247
-
polling_time
6600
-
port_number
443
-
sc_process32 (32-bit spawn-to process the beacon uses to host post-exploitation jobs; rundll32.exe is the Cobalt Strike default, so a common hunting angle is rundll32.exe started with no command-line arguments that then makes outbound connections)
%windir%\syswow64\rundll32.exe
-
sc_process64
%windir%\sysnative\rundll32.exe
-
state_machine (the label is misleading: the value is a base64 DER SubjectPublicKeyInfo — the prefix MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQ is the standard header for a 1024-bit RSA public key — which is presumably the team-server public key the beacon uses to encrypt its session metadata. Beacons embedding the same key were generated by the same team server, so this value is useful for clustering samples.)
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDmFvK6fWzx+zTnQqAkZAQv6Eqwme1a80cwMNtrYEJShrKKbgpTy71w5Zd9u7EdBClno3HF9U4/9/tkBRw6PPPRa+W6bgpf97I3/Y0z36I5E/h+UP8h076IkzaWyPHbS1QMOiE6AXC3rCERjgirkn1LKUs+Q+zj0LeN8/QHEq/ZqQIDAQABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
unknown1
4096
-
unknown2
AAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
uri (appears to be the http-post URI; the http-get URI is the one listed under host above — both share the /safebrowsing/rd/ prefix)
/safebrowsing/rd/r8l4jO3947jVxa5wBhEijGc0y77iX4oFy
-
user_agent (hard-coded in the config; a Firefox 34 / Windows NT 6.0 string is many years out of date for a 2022 sample and so is a usable, if false-positive-prone, indicator in proxy logs)
Mozilla/5.0 (Windows NT 6.0; rv:34.0) Gecko/20100101 Firefox/34.0
-
watermark (0: the license watermark is zeroed, which is typically seen with cracked or otherwise unlicensed builds; it cannot be used for operator attribution here)
0
Targets
-
-
Target
cbca9a92a6aa067ff4cab8f1d34ec49ffc9a06c90881f48da369c973182ce06d
-
Size
207KB
-
MD5
721254f41286717aa1cd9d7d652a9fa1
-
SHA1
b48e7a639d2e51e2ae2efdebb0723fe1f8dd84e6
-
SHA256
cbca9a92a6aa067ff4cab8f1d34ec49ffc9a06c90881f48da369c973182ce06d
-
SHA512
5aae8ff3790085e98ec5c20719f15b70b8e225c105ae0f284c0a3d89d6fbb4c93153c8286523ddc0dad371d6a1bc4544718017919a87af456f7376ed129337cb
Score 1/10 (behavioral score only. A complete Cobalt Strike beacon configuration was extracted statically from this DLL, so the low score most likely reflects that the relevant export was never invoked or the C2 was unreachable during the sandbox runs — not that the sample is benign. Treat it as malicious on the strength of the extracted config.)