General

  • Target

    notepad.exe

  • Size

    1.3MB

  • Sample

    230324-qt3nyaef72

  • MD5

    776522a86083348acf2f0f40ed44dcf9

  • SHA1

    acbf4e7f666f2068a2a9e3c08409786a56380512

  • SHA256

    3478774e26a538823f1144640990ddce3c107927580421aee076b78d920a6f6f

  • SHA512

    63b37039d878530419a2e4187747724c011ed7c1bd93346ef2b9f3eef88cf561e7c616f111d06d5a504075761f41d7b3de43b15b48a1e289477fc0fc0b1d374a

  • SSDEEP

    24576:ds0hsXS5iccj3MBwt+NZ7fr0MNjx5/PX5sAgl+W:dzP5k3BM/h5sAgl+W

Malware Config

Extracted

Family

cobaltstrike

C2

http://198.52.127.146:443/understand/tips/GMY0TY2G

Attributes
  • user_agent

    Accept: application/xml, image/*, text/html
    Accept-Language: ca
    Accept-Encoding: *, br
    User-Agent: Mozilla/5.0 (Windows NT 6.3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36
