General

  • Target

    0dbf53264f94a98710a6c3b60b3079db318c7df92396a76efe50e1790644e708

  • Size

    198KB

  • Sample

    220529-twftqsffb3

  • MD5

    0680fe53376730d44f9878e0ebeef36d

  • SHA1

    a327a919d0234adfdccc84c407b030d46223cd22

  • SHA256

    0dbf53264f94a98710a6c3b60b3079db318c7df92396a76efe50e1790644e708

  • SHA512

    47269daea0d7acc0fad0b876d852c5e635ed8771d75bd0410458ef329e5e2f3231cd2b21bb98de26ba1ee1c8afb7d33303df8b774a0f8b17dca53af052197e75

Score
10/10

Malware Config

Extracted

Family

cobaltstrike

Botnet

1

Attributes
  • beacon_type

    512

  • http_header1


  • http_header2


  • pipe_name

    \\.\pipe\msagent_efe7

  • polling_time

    10000

  • port_number

    4444

  • sc_process32

    %windir%\syswow64\rundll32.exe

  • sc_process64

    %windir%\sysnative\rundll32.exe

  • state_machine


  • unknown1

    4096

  • unknown2


  • watermark

    1

Targets

    • Target

      0dbf53264f94a98710a6c3b60b3079db318c7df92396a76efe50e1790644e708


    Score
    1/10
