Overview
Per-task scores (task names are truncated exactly as the report's tabs show them):
- static: 10
- 848e296a13...55.dll on windows7_x64: 10
- 848e296a13...55.dll on windows10-2004_x64: 10
- 9108114501...fa.dll on windows7_x64: 10
- 9108114501...fa.dll on windows10-2004_x64: 10
- d9370d0d68...9a.dll on windows7_x64: 10
- d9370d0d68...9a.dll on windows10-2004_x64: 10
- dd9ff0b632...9b.exe on windows7_x64: 10
- dd9ff0b632...9b.exe on windows10-2004_x64: 1
General (score 10)
Target: smp.7z
Size: 1.1MB
Sample: 220711-lxyf6sgagk
MD5: b3fead5053905cca98f10b04989e6f9c
SHA1: 3bb0bf8c1734ea92b803a6b2f4691c226a8a8ecb
SHA256: e83def106a21862d89d5be6bd6ad9779dec66b9d13a039ad63d830812ad0b9a3
SHA512: a731f4765d46ccb5cafe7642c1c1d76cbfcaf2e23becb2ed7d314015cd062e3acbeea7687095852a19c32703602b81a571d1d9310b810fff4eda84051c1a7fed
Tasks
- static1: static task on the submitted archive
- behavioral1: 848e296a1324882c7acc3fdca8197d55.dll on win7-20220414-en
- behavioral2: 848e296a1324882c7acc3fdca8197d55.dll on win10v2004-20220414-en
- behavioral3: 91081145018222c52e1915aa1c815dfa.dll on win7-20220414-en
- behavioral4: 91081145018222c52e1915aa1c815dfa.dll on win10v2004-20220414-en
- behavioral5: d9370d0d68a692766ce97df7e2516d9a.dll on win7-20220414-en
- behavioral6: d9370d0d68a692766ce97df7e2516d9a.dll on win10v2004-20220414-en
- behavioral7: dd9ff0b632d22fcdbafe5d880d18499b.exe on win7-20220414-en
- behavioral8: dd9ff0b632d22fcdbafe5d880d18499b.exe on win10v2004-20220414-en
Malware Config
Extracted: emotet
Botnet: Epoch5
C2 (ip:port):
103.71.99.57:8080
103.224.241.74:8080
157.245.111.0:8080
37.44.244.177:8080
103.41.204.169:8080
64.227.55.231:8080
103.254.12.236:7080
103.85.95.4:8080
157.230.99.206:8080
165.22.254.236:8080
85.214.67.203:8080
54.37.228.122:443
195.77.239.39:8080
128.199.217.206:443
190.145.8.4:443
165.232.185.110:8080
188.165.79.151:443
178.62.112.199:8080
54.37.106.167:8080
104.244.79.94:443
43.129.209.178:443
87.106.97.83:7080
202.134.4.210:7080
178.238.225.252:8080
198.199.70.22:8080
62.171.178.147:8080
175.126.176.79:8080
128.199.242.164:8080
88.217.172.165:8080
104.248.225.227:8080
85.25.120.45:8080
139.196.72.155:8080
188.225.32.231:4143
202.29.239.162:443
103.126.216.86:443
210.57.209.142:8080
93.104.209.107:8080
196.44.98.190:8080
5.253.30.17:7080
46.101.98.60:8080
103.56.149.105:8080
190.107.19.179:443
139.59.80.108:8080
36.67.23.59:443
78.47.204.80:443
83.229.80.93:8080
174.138.33.49:7080
118.98.72.86:443
37.187.114.15:8080
202.28.34.99:8080
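The endpoint list above is most useful once it is machine-checkable rather than a wall of ip:port lines. The following Python is an added example, not tooling from the sandbox report or from any project it names: it parses a subset of the extracted Epoch5 entries (paste the full list for real use), scans constructed connection records for exact ip:port hits and weaker IP-only hits (Emotet C2 ports rotate between configs), and renders local Suricata rules. The log record format, the sample records and the 9000001 SID range are assumptions.

```python
"""IOC handling for the extracted Emotet Epoch5 C2 list: parse, scan, emit rules.
Added example; the sample log lines below are constructed, not from the report."""
import ipaddress
from typing import List, Set, Tuple

# Subset of the ip:port endpoints listed under "Malware Config > emotet > Epoch5".
EMOTET_EPOCH5_C2 = """
103.71.99.57:8080
103.224.241.74:8080
157.245.111.0:8080
54.37.228.122:443
103.254.12.236:7080
188.225.32.231:4143
"""

Endpoint = Tuple[str, int]


def parse_c2_list(text: str) -> Set[Endpoint]:
    """Parse 'ip:port' lines and reject malformed entries loudly instead of
    silently matching nothing. 157.245.111.0 is a legitimate host address."""
    endpoints: Set[Endpoint] = set()
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        host, sep, port = line.rpartition(":")
        if not sep:
            raise ValueError(f"missing port: {line!r}")
        ip = ipaddress.ip_address(host)  # raises ValueError on garbage
        port_num = int(port)
        if not 0 < port_num < 65536:
            raise ValueError(f"bad port: {line!r}")
        endpoints.add((str(ip), port_num))
    return endpoints


def scan_connections(log_lines: List[str], c2: Set[Endpoint]) -> List[dict]:
    """Match assumed 'ts src dst dport proto' records. Exact ip:port hits are
    'high' confidence; the same IP on another port is 'medium'."""
    c2_ips = {ip for ip, _ in c2}
    hits = []
    for line in log_lines:
        parts = line.split()
        if len(parts) < 5:
            continue  # skip short or garbled rows rather than crash
        ts, src, dst, dport, _proto = parts[:5]
        try:
            port = int(dport)
        except ValueError:
            continue
        if (dst, port) in c2:
            hits.append({"ts": ts, "src": src, "dst": f"{dst}:{port}", "confidence": "high"})
        elif dst in c2_ips:
            hits.append({"ts": ts, "src": src, "dst": f"{dst}:{port}", "confidence": "medium"})
    return hits


def suricata_rules(c2: Set[Endpoint], base_sid: int = 9000001) -> List[str]:
    """One rule per endpoint, sorted for stable SIDs. base_sid is an assumed
    local range; choose one that does not collide with deployed rule sets."""
    rules = []
    for i, (ip, port) in enumerate(sorted(c2)):
        rules.append(
            f'alert tcp $HOME_NET any -> {ip} {port} '
            f'(msg:"LOCAL Emotet Epoch5 C2 {ip}:{port}"; flow:to_server; '
            f'classtype:trojan-activity; sid:{base_sid + i}; rev:1;)'
        )
    return rules


# Constructed connection records (ts src dst dport proto), not from the report.
SAMPLE_LOG = [
    "2022-07-11T10:01:02Z 10.0.0.5 103.71.99.57 8080 tcp",
    "2022-07-11T10:01:09Z 10.0.0.5 142.250.74.78 443 tcp",
    "2022-07-11T10:02:44Z 10.0.0.7 54.37.228.122 8080 tcp",
    "2022-07-11T10:03:00Z 10.0.0.9 188.225.32.231 4143 tcp",
    "garbage line",
]

if __name__ == "__main__":
    iocs = parse_c2_list(EMOTET_EPOCH5_C2)
    for hit in scan_connections(SAMPLE_LOG, iocs):
        print(hit)
    print("\n".join(suricata_rules(iocs)))
```

The medium-confidence tier exists because Emotet epochs reuse IPs across configs with different ports; an IP-only hit is worth a look but should not page anyone on its own. Rules are emitted sorted so that regenerating from a longer list keeps existing SIDs stable for the entries already present.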
Extracted: cobaltstrike
watermark: 0
A watermark of 0 is what cracked or trial Cobalt Strike builds carry rather than a licensed customer ID, so it does not identify a particular licence holder.
Targets
- Target: 848e296a1324882c7acc3fdca8197d55.dll.vir
  Size: 368KB
  MD5: 848e296a1324882c7acc3fdca8197d55
  SHA1: 69e08989c5b11a0c85bc9b624550f8fffda3bfdd
  SHA256: 1c5f9efd24f32e10229fc1123b70f5aafac4bbbcc0bca8a856225c2dee7f6573
  SHA512: 30a3654f4cd2cdf5c37d2b3963375d87444f04fdb99b90320388f6c4ab850b8806165e77a01cdff952a9bae1b7453c24736b2f46f1f4610f7c131ee9b58eaebf
- Target: 91081145018222c52e1915aa1c815dfa.dll.vir
  Size: 368KB
  MD5: 91081145018222c52e1915aa1c815dfa
  SHA1: 862e4ad5dca38a937dc4189285d7bd9dee1b4738
  SHA256: cdeeee043e8eed1556db23fffcb1d0b84a5ffd53ecb86f25247895a5deb60217
  SHA512: a8241e19b8ebb747e21776c50f3631e48ee19747c8f65ff3fdbad04a9c39eb4a6654b743c9ffdbbadfcd4979efe49e3ccc1a1509e30ec167e59d2f03b402d4ab
- Target: d9370d0d68a692766ce97df7e2516d9a.dll.vir
  Size: 368KB
  MD5: d9370d0d68a692766ce97df7e2516d9a
  SHA1: e4df13fe0459689c79558a32755531c725f8374d
  SHA256: 0049cd4af7741f9dd02a2ec5938b90fcb72885ea181c901905274711f3bdb1cd
  SHA512: dfc3706e2725b452d77109222426ff98596c9ace25f3590d93b146fec37ac2ede5d9096f795a137d3f3a2e12f27290003f4061413cc7d9acb0f72ec3239e17f8
- Target: dd9ff0b632d22fcdbafe5d880d18499b.exe.vir
  Size: 1.9MB
  MD5: dd9ff0b632d22fcdbafe5d880d18499b
  SHA1: 300bdf6fff7cbc72c8317d6ade21b826ecc095fe
  SHA256: 7769fb3369e2d14ad83797287e8077fc03b31a995a5d4fbf8279ae3f937b3c77
  SHA512: 5d8484ad2ad6a9979f26f71415a0e9cff847ffaef67ae5807cfa8d3911277de05dffd59ce789949367a08c711f8107f851b873dabb7f4e7bf94203fa214d12ca
Score: 10/10
Signatures (Suricata)
- ET MALWARE Cobalt Strike Beacon Observed (listed twice in the report)
- ET MALWARE Successful Cobalt Strike Shellcode Download (x64) M1 (listed twice in the report)