Overview

overview

10

Static

static

10

29eeb96134...ec.dll

windows7_x64

1

29eeb96134...ec.dll

windows10-2004_x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    29eeb96134e88d61433cff8342549aae73fb68bb7cc037febb9b87846a2531ec

  • Size

    206KB

  • Sample

    220320-hzdm1aagaj

  • MD5

    e8ae682eebf5c33bf0d325923a0bbe6d

  • SHA1

    ec1e96bd76db278f75f3054fc1776cea89d1e0ce

  • SHA256

    29eeb96134e88d61433cff8342549aae73fb68bb7cc037febb9b87846a2531ec

  • SHA512

    b371db0ccf2f32e91549ef2798b2c8699c2300bac06bb4fe08bab5e637a2f7f06f73fe1fc63f05677d7b3bda4940f53b33140e6b6f455073407acc6566dd9904

Score
10/10
cobaltstrike1

Malware Config

Extracted

Family

cobaltstrike

Botnet

1

Attributes
  • beacon_type

    512

  • create_remote_thread

    256

  • http_header1

    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==

  • http_header2

    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==

  • pipe_name

    \\%s\pipe\msagent_%x

  • polling_time

    10000

  • port_number

    4444

  • sc_process32

    %windir%\syswow64\rundll32.exe

  • sc_process64

    %windir%\sysnative\rundll32.exe

  • state_machine

    MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCBjPmjsS60sXbz65lPK1nABUEYFW2ADeReblgm3X7LmzrrkAdHBfBROBGU/00B0IpKrlJ/fHj2EArY+8OsyDSPgcTAuVhrYHt9Nn7W8ppxd8JM/fEGSLcgEbGDLAk5MYt7DHIIpGnu/z1taESU5qaNed/XcbzetTOp7qJm/xy9vwIDAQABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==

  • unknown1

    4096

  • unknown2

    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==

  • watermark

    1

Targets

    • Target

      29eeb96134e88d61433cff8342549aae73fb68bb7cc037febb9b87846a2531ec

    • Size

      206KB

    • MD5

      e8ae682eebf5c33bf0d325923a0bbe6d

    • SHA1

      ec1e96bd76db278f75f3054fc1776cea89d1e0ce

    • SHA256

      29eeb96134e88d61433cff8342549aae73fb68bb7cc037febb9b87846a2531ec

    • SHA512

      b371db0ccf2f32e91549ef2798b2c8699c2300bac06bb4fe08bab5e637a2f7f06f73fe1fc63f05677d7b3bda4940f53b33140e6b6f455073407acc6566dd9904

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks