General
Target: notepad.exe
Size: 1.3MB
Sample: 230324-qt3nyaef72
MD5: 776522a86083348acf2f0f40ed44dcf9
SHA1: acbf4e7f666f2068a2a9e3c08409786a56380512
SHA256: 3478774e26a538823f1144640990ddce3c107927580421aee076b78d920a6f6f
SHA512: 63b37039d878530419a2e4187747724c011ed7c1bd93346ef2b9f3eef88cf561e7c616f111d06d5a504075761f41d7b3de43b15b48a1e289477fc0fc0b1d374a
SSDEEP: 24576:ds0hsXS5iccj3MBwt+NZ7fr0MNjx5/PX5sAgl+W:dzP5k3BM/h5sAgl+W
Static task: static1
Behavioral task: behavioral1
Sample: notepad.exe
Resource: win7-20230220-en
Behavioral task: behavioral2
Sample: notepad.exe
Resource: win10v2004-20230220-en
Malware Config
Extracted
cobaltstrike
http://198.52.127.146:443/understand/tips/GMY0TY2G
user_agent
Accept: application/xml, image/*, text/html
Accept-Language: ca
Accept-Encoding: *, br
User-Agent: Mozilla/5.0 (Windows NT 6.3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36
Targets
Target: notepad.exe
Score: 10/10