General
-
Target
33d09273dc6cd6f995271202a20e8df2e0579a066db9b0bdcbfff7da7afe3768
-
Size
26KB
-
Sample
230329-hea2dagg3x
-
MD5
c9ebd0d057c99b70ba8e955a0f51f72f
-
SHA1
ee2323f856b397a7c0ce1feb6677152376e96da5
-
SHA256
33d09273dc6cd6f995271202a20e8df2e0579a066db9b0bdcbfff7da7afe3768
-
SHA512
c8a1b27243b3526acd38052639574a201f82d96dca2c5a3e753d05c75dc5d21a7984cc66bcda04ea27199e846359695c118ba7cf2162d4ca95cc569147bb7d74
-
SSDEEP
384:pIAUl9V5xJCdNz6etOzzodsGeE3WdbSU0jRArxJDZF6boFUUC7+v6fCUqqgCENqn:uAUjKz6r5GeW+bOoCvK/imC6YEaxP
Static task
static1
Behavioral task
behavioral1
Sample
33d09273dc6cd6f995271202a20e8df2e0579a066db9b0bdcbfff7da7afe3768.ps1
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
33d09273dc6cd6f995271202a20e8df2e0579a066db9b0bdcbfff7da7afe3768.ps1
Resource
win10v2004-20230220-en
Malware Config
Extracted
cobaltstrike
http://43.136.14.33:50001/GSmV
-
user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; UHS)
Targets
-
-
Target
33d09273dc6cd6f995271202a20e8df2e0579a066db9b0bdcbfff7da7afe3768
-
Score
10/10
-
Blocklisted process makes network request
-