General
-
Target
training
-
Size
204KB
-
Sample
221020-jxac8scge6
-
MD5
25cd3ad7f60ce1ecb09b16556cbba2dc
-
SHA1
84c71cf880b4907baf1f8916b2188d69f17de45a
-
SHA256
56471e1ecf2833e7700784429e98f678ee96cde91516725fc40a536c58d5d228
-
SHA512
5b7efe6af38ebb5cec07bbacb0b9fd24cfb3e0c397eb67fb9bbd3950044276ce6faf042ddccdc5628845b78054ab31264727f617c3dee230e835b5b63963fc82
-
SSDEEP
6144:YAWvDMRXwNxHRpBn6za1QfZkZkE8Ju+aL:YAWvD6XwNxHRv6zaqfZkZk74+O
Behavioral task
behavioral1
Sample
training
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
training
Resource
win10v2004-20220901-en
Malware Config
Extracted
cobaltstrike (watermark 305419896)
http://39.103.189.229:8089/__utm.gif
-
access_type
512
-
host
39.103.189.229,/__utm.gif
-
http_header1
AAAABwAAAAAAAAADAAAABgAAAAZDb29raWUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
http_header2
AAAACgAAACZDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL29jdGV0LXN0cmVhbQAAAAcAAAAAAAAABQAAAAJpZAAAAAcAAAABAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
http_method1
GET
-
http_method2
POST
-
maxdns
255
-
polling_time
60000
-
port_number
8089
-
sc_process32
%windir%\syswow64\rundll32.exe
-
sc_process64
%windir%\sysnative\rundll32.exe
-
state_machine
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCejXBRuoPFmtFe+6WRLqyDz4K/WFXJH93gyCfL2olrlDG7DzjjAu8Eaq6obgDvneahzTW4wcNOLcxupAn8EnxFlCtXndFxyS3dfKUFyX0CUY3Q4CxNepe269VbDSCaBmZ1SJEn0HNrE1fSpTA8C+wVtiNayM6rrHDYQb9ztqXJvwIDAQABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
unknown1
4096
-
unknown2
AAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
uri
/submit.php
-
user_agent
Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
-
watermark
305419896
Targets
-
-
Target
training
-
Size
204KB
-
MD5
25cd3ad7f60ce1ecb09b16556cbba2dc
-
SHA1
84c71cf880b4907baf1f8916b2188d69f17de45a
-
SHA256
56471e1ecf2833e7700784429e98f678ee96cde91516725fc40a536c58d5d228
-
SHA512
5b7efe6af38ebb5cec07bbacb0b9fd24cfb3e0c397eb67fb9bbd3950044276ce6faf042ddccdc5628845b78054ab31264727f617c3dee230e835b5b63963fc82
-
SSDEEP
6144:YAWvDMRXwNxHRpBn6za1QfZkZkE8Ju+aL:YAWvD6XwNxHRv6zaqfZkZk74+O
Score 1/10