General
-
Target
ab6bc092cb6d2cfbe2b1de77f5260b78b82496365ddf12200404990439c1796c
-
Size
199KB
-
Sample
220701-hhcdlsgdcm
-
MD5
f9dcb2e2eb333cf8f042f7abbe7e45f3
-
SHA1
73eed326ac894828c3064fb95f3ac2b6c0035004
-
SHA256
ab6bc092cb6d2cfbe2b1de77f5260b78b82496365ddf12200404990439c1796c
-
SHA512
7788dd72e29ace8e0db130ab4e987df99afc936767beb7bb67ef472ddf6a14767464edb36fa05381f0dc9011f8e196444674ad903ecf925105db5caf6a010826
Static task
static1
Behavioral task
behavioral1
Sample
ab6bc092cb6d2cfbe2b1de77f5260b78b82496365ddf12200404990439c1796c.dll
Resource
win7-20220414-en
Behavioral task
behavioral2
Sample
ab6bc092cb6d2cfbe2b1de77f5260b78b82496365ddf12200404990439c1796c.dll
Resource
win10v2004-20220414-en
Malware Config
Extracted
cobaltstrike
0
http://85.143.220.138:8080/dpixel
-
crypto_scheme
256
-
host
85.143.220.138,/dpixel
-
http_header1
AAAABwAAAAAAAAADAAAABgAAAAZDb29raWUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
http_header2
AAAACgAAACZDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL29jdGV0LXN0cmVhbQAAAAcAAAAAAAAABQAAAAJpZAAAAAcAAAABAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
http_method1
GET
-
http_method2
POST
-
maxdns
255
-
pipe_name
\\%s\pipe\msagent_%x
-
polling_time
60000
-
port_number
8080
-
sc_process32
%windir%\syswow64\rundll32.exe
-
sc_process64
%windir%\sysnative\rundll32.exe
-
state_machine
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQChvz2oKTJ0/eJ7cFxHaHPhGqqNrEeTk0/ji502tl8m/Hm/oETz8CH0xSxpU5gyg+tG0FqOQY3WOvmPz61LGiGv4spGlz3Hxd8HXEnd3rk560YzaAPlbwB3bBjbPs1GCAYK5qkDOO7a1WhfdEMBDbtZeqY1JpMSSMovpUojps3qLwIDAQABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
unknown1
4096
-
unknown2
AAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
uri
/submit.php
-
user_agent
Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; BOIE9;ENXA)
-
watermark
0
Targets
-
-
Target
ab6bc092cb6d2cfbe2b1de77f5260b78b82496365ddf12200404990439c1796c
-
Size
199KB
-
MD5
f9dcb2e2eb333cf8f042f7abbe7e45f3
-
SHA1
73eed326ac894828c3064fb95f3ac2b6c0035004
-
SHA256
ab6bc092cb6d2cfbe2b1de77f5260b78b82496365ddf12200404990439c1796c
-
SHA512
7788dd72e29ace8e0db130ab4e987df99afc936767beb7bb67ef472ddf6a14767464edb36fa05381f0dc9011f8e196444674ad903ecf925105db5caf6a010826
Score3/10 -