General
-
Target
e09e2dc37c17ec2896579f420453c2e24d4c456cdedb19ef21e786dbfce3c001
-
Size
207KB
-
Sample
220701-fj3wvaefd3
-
MD5
de778a1a6c1e7a6912ec1780290ffa54
-
SHA1
39f731a154f0b8ed136741a290e796842c5b146f
-
SHA256
e09e2dc37c17ec2896579f420453c2e24d4c456cdedb19ef21e786dbfce3c001
-
SHA512
c180e5bcd44b056f321022a46f6f9232c6f5818b88ff9218551da0aea04d3de0404551d78c75543861ed1c53fe5dc71e8b2fae3a9347a026477f8536f8d93b19
Static task
static1
Behavioral task
behavioral1
Sample
e09e2dc37c17ec2896579f420453c2e24d4c456cdedb19ef21e786dbfce3c001.dll
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
e09e2dc37c17ec2896579f420453c2e24d4c456cdedb19ef21e786dbfce3c001.dll
Resource
win10v2004-20220414-en
Malware Config
Extracted
cobaltstrike
0
http://150.107.0.46:5544/g.pixel
-
access_type
512
-
crypto_scheme
256
-
host
150.107.0.46,/g.pixel
-
http_header1
AAAABwAAAAAAAAADAAAABgAAAAZDb29raWUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
http_header2
AAAACgAAACZDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL29jdGV0LXN0cmVhbQAAAAcAAAAAAAAABQAAAAJpZAAAAAcAAAABAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
http_method1
GET
-
http_method2
POST
-
maxdns
255
-
polling_time
60000
-
port_number
5544
-
sc_process32
%windir%\syswow64\rundll32.exe
-
sc_process64
%windir%\sysnative\rundll32.exe
-
state_machine
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCiUfyp4tcw+pLR9Y6nqdL54XnRLnnDb5J5WaDVTlQnrbgKR4mceKyD35zi/2vIEVIt30ppuBNIUe8Rx0/8HXVMNrsF/1kqtLQAcb2ECAxACRABYFZVHS2zN1W3dtbrtYJwSyuUYJegJ/d413D1ZoixF/qfg5vTZXofks3Y2ARsgQIDAQABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
unknown1
4096
-
unknown2
AAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
uri
/submit.php
-
user_agent
Mozilla/5.0 (compatible; MSIE 9.0; Windows Phone OS 7.5; Trident/5.0; IEMobile/9.0; LG; LG-E906)
-
watermark
0
Targets
-
-
Target
e09e2dc37c17ec2896579f420453c2e24d4c456cdedb19ef21e786dbfce3c001
-
Size
207KB
-
MD5
de778a1a6c1e7a6912ec1780290ffa54
-
SHA1
39f731a154f0b8ed136741a290e796842c5b146f
-
SHA256
e09e2dc37c17ec2896579f420453c2e24d4c456cdedb19ef21e786dbfce3c001
-
SHA512
c180e5bcd44b056f321022a46f6f9232c6f5818b88ff9218551da0aea04d3de0404551d78c75543861ed1c53fe5dc71e8b2fae3a9347a026477f8536f8d93b19
Score1/10 -