Overview

overview

10

Static

static

10

e09e2dc37c...01.dll

windows7_x64

1

e09e2dc37c...01.dll

windows10-2004_x64

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e09e2dc37c17ec2896579f420453c2e24d4c456cdedb19ef21e786dbfce3c001

  • Size

    207KB

  • Sample

    220701-fj3wvaefd3

  • MD5

    de778a1a6c1e7a6912ec1780290ffa54

  • SHA1

    39f731a154f0b8ed136741a290e796842c5b146f

  • SHA256

    e09e2dc37c17ec2896579f420453c2e24d4c456cdedb19ef21e786dbfce3c001

  • SHA512

    c180e5bcd44b056f321022a46f6f9232c6f5818b88ff9218551da0aea04d3de0404551d78c75543861ed1c53fe5dc71e8b2fae3a9347a026477f8536f8d93b19

Score
10/10
cobaltstrike0

Malware Config

Extracted

Family

cobaltstrike

Botnet

0

C2

http://150.107.0.46:5544/g.pixel

Attributes
  • access_type

    512

  • crypto_scheme

    256

  • host

    150.107.0.46,/g.pixel

  • http_header1

    AAAABwAAAAAAAAADAAAABgAAAAZDb29raWUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==

  • http_header2

    AAAACgAAACZDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL29jdGV0LXN0cmVhbQAAAAcAAAAAAAAABQAAAAJpZAAAAAcAAAABAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==

  • http_method1

    GET

  • http_method2

    POST

  • maxdns

    255

  • polling_time

    60000

  • port_number

    5544

  • sc_process32

    %windir%\syswow64\rundll32.exe

  • sc_process64

    %windir%\sysnative\rundll32.exe

  • state_machine

    MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCiUfyp4tcw+pLR9Y6nqdL54XnRLnnDb5J5WaDVTlQnrbgKR4mceKyD35zi/2vIEVIt30ppuBNIUe8Rx0/8HXVMNrsF/1kqtLQAcb2ECAxACRABYFZVHS2zN1W3dtbrtYJwSyuUYJegJ/d413D1ZoixF/qfg5vTZXofks3Y2ARsgQIDAQABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==

  • unknown1

    4096

  • unknown2

    AAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==

  • uri

    /submit.php

  • user_agent

    Mozilla/5.0 (compatible; MSIE 9.0; Windows Phone OS 7.5; Trident/5.0; IEMobile/9.0; LG; LG-E906)

  • watermark

    0

Targets

    • Target

      e09e2dc37c17ec2896579f420453c2e24d4c456cdedb19ef21e786dbfce3c001

    • Size

      207KB

    • MD5

      de778a1a6c1e7a6912ec1780290ffa54

    • SHA1

      39f731a154f0b8ed136741a290e796842c5b146f

    • SHA256

      e09e2dc37c17ec2896579f420453c2e24d4c456cdedb19ef21e786dbfce3c001

    • SHA512

      c180e5bcd44b056f321022a46f6f9232c6f5818b88ff9218551da0aea04d3de0404551d78c75543861ed1c53fe5dc71e8b2fae3a9347a026477f8536f8d93b19

    Score
    1/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks