Overview
overview
10Static
static
1Desktop/2f...53.exe
windows7-x64
10Desktop/2f...53.exe
windows10-2004-x64
10Desktop/50...92.exe
windows7-x64
1Desktop/50...92.exe
windows10-2004-x64
1Desktop/bb...26.exe
windows7-x64
1Desktop/bb...26.exe
windows10-2004-x64
1Desktop/ed...74.exe
windows7-x64
1Desktop/ed...74.exe
windows10-2004-x64
3Desktop/ff...c8.exe
windows7-x64
1Desktop/ff...c8.exe
windows10-2004-x64
1General
-
Target
Desktop.rar
-
Size
888KB
-
Sample
230331-p5dcrahe85
-
MD5
aa38ce76b39887b3f453bc682f0bb839
-
SHA1
74f1643cb1151756fb7d496e8d29745fb0a7b4d1
-
SHA256
b6fa6c6eda847b0886239c298632deca91411bebd2a05dde31f0a373a8558154
-
SHA512
7d2a3645418678c521b22115d27718c24cc765be49aec1ba066c512ecd4fb41582abefe1d0a4eee7a5f8819c8591342ba5bba72a13c102974f2b7b24720c94bb
-
SSDEEP
24576:ELMUHmPL/NopUdBd8n8/DNKuqVTygDfyqrIY:8G7NQA5hKuqDBr7
Static task
static1
Behavioral task
behavioral1
Sample
Desktop/2f0812f7f7905937a82c3a755c40becf63e0d6ed39f212ac931774dfdf338d53.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
Desktop/2f0812f7f7905937a82c3a755c40becf63e0d6ed39f212ac931774dfdf338d53.exe
Resource
win10v2004-20230220-en
Behavioral task
behavioral3
Sample
Desktop/50135b3cd8e475e98d6e1c9886bb8cd10f400096dfc840f174fc4545fb0a3b92.exe
Resource
win7-20230220-en
Behavioral task
behavioral4
Sample
Desktop/50135b3cd8e475e98d6e1c9886bb8cd10f400096dfc840f174fc4545fb0a3b92.exe
Resource
win10v2004-20230220-en
Behavioral task
behavioral5
Sample
Desktop/bbbd5d0aef3c2cfa296cee376dea6d7eb777a9c12140aed1a7c2c8d6ecda1e26.exe
Resource
win7-20230220-en
Behavioral task
behavioral6
Sample
Desktop/bbbd5d0aef3c2cfa296cee376dea6d7eb777a9c12140aed1a7c2c8d6ecda1e26.exe
Resource
win10v2004-20230220-en
Behavioral task
behavioral7
Sample
Desktop/ed902b16d454afd9d3a972e0dbe5d46e5f5b0da01e5e763069f149f07cbaf274.exe
Resource
win7-20230220-en
Behavioral task
behavioral8
Sample
Desktop/ed902b16d454afd9d3a972e0dbe5d46e5f5b0da01e5e763069f149f07cbaf274.exe
Resource
win10v2004-20230220-en
Behavioral task
behavioral9
Sample
Desktop/ffd5738de2af368a497d3a2020bb51ed380b00f3eb4abefa835c362ec7df8bc8.exe
Resource
win7-20230220-en
Behavioral task
behavioral10
Sample
Desktop/ffd5738de2af368a497d3a2020bb51ed380b00f3eb4abefa835c362ec7df8bc8.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
cobaltstrike
99999
http://service-pjo6e71f-1259689902.bj.apigw.tencentcs.com:443/api/getit
-
access_type
512
-
beacon_type
2048
-
host
service-pjo6e71f-1259689902.bj.apigw.tencentcs.com,/api/getit
-
http_header1
AAAACgAAAAtBY2NlcHQ6ICovKgAAAAcAAAAAAAAAAwAAAAIAAAAKU0VTU0lPTklEPQAAAAYAAAAGQ29va2llAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
-
http_header2
AAAACgAAAAtBY2NlcHQ6ICovKgAAAAcAAAAAAAAAAwAAAAIAAAAJSlNFU1NJT049AAAABgAAAAZDb29raWUAAAAHAAAAAQAAAAMAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
-
http_method1
GET
-
http_method2
POST
-
polling_time
3000
-
port_number
443
-
sc_process32
%windir%\syswow64\rundll32.exe
-
sc_process64
%windir%\sysnative\rundll32.exe
-
state_machine
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCU0m7H1l2AP44i7L/wgxQAhx3FVvY8t2GPssMT+CnCAm/OMdzDuwEeAoovm9zMGaOLQR22rnxnhBbzPfpLtOtIH8ItUoIzPY0O2+0Xw8mj9ctJlAFb5QBneSJhY7AldZD6ghCXWdEoLKe7cTnrO0t2etFCBILTaT+oSw2lqwFIYQIDAQABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
unknown1
1.481970944e+09
-
unknown2
AAAABAAAAAMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
uri
/api/postit
-
user_agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36 Edg/110.0.1587.63
-
watermark
99999
Targets
-
-
Target
Desktop/2f0812f7f7905937a82c3a755c40becf63e0d6ed39f212ac931774dfdf338d53.exe
-
Size
373KB
-
MD5
d82eb76b428bb814965baa059e4b15c0
-
SHA1
468ad6d157589afbc055233ca6d9fb1e43f192ef
-
SHA256
2f0812f7f7905937a82c3a755c40becf63e0d6ed39f212ac931774dfdf338d53
-
SHA512
06cb2dc0f0c4de91ca579db6365092b415a626d7daca1775c433fb35f3ce79190b0853088b75168e4e87b301036600fe73649342e55f42f8a1d663f0ec1b805f
-
SSDEEP
1536:2zrkW1mfdT631H2vvspStlLEWEqg6Gy2Jx/8LK6u3EwArdNuNUsWUzcdDs8cn8:s9mfRtXsYfFg6GlJ7GrdNOrCDshn
Score10/10 -
-
-
Target
Desktop/50135b3cd8e475e98d6e1c9886bb8cd10f400096dfc840f174fc4545fb0a3b92.exe
-
Size
221KB
-
MD5
812e6a209b063b65661987c557cf9971
-
SHA1
3c0709db8983a91cb32b464fba7ce3af396758c3
-
SHA256
50135b3cd8e475e98d6e1c9886bb8cd10f400096dfc840f174fc4545fb0a3b92
-
SHA512
6173d24eb79796b7a78dc193c62964acc5e8533ce82379854b78f3cd3fdc3b5a3eb255b47493ced7c769c862196fe3e90463c51597f481c43798ee8d5aa96962
-
SSDEEP
3072:hvTiJQepu4he4l6Yjyb453JwmuRljmScpBl9PLa3d+EIeHEjktcv1oKGys85fCp:hiAWOy3JwHRlinBl9PLBgWCp
Score1/10 -
-
-
Target
Desktop/bbbd5d0aef3c2cfa296cee376dea6d7eb777a9c12140aed1a7c2c8d6ecda1e26.exe
-
Size
25KB
-
MD5
953f090e710bd66e07e83c82afff4d9c
-
SHA1
c49dce1cdf5bab3e641a736a6c07015e963860f9
-
SHA256
bbbd5d0aef3c2cfa296cee376dea6d7eb777a9c12140aed1a7c2c8d6ecda1e26
-
SHA512
8f2377dacfd5ee1a2ba5c3da88525ce50a68b2fd35bc65c71056148cb0d6ec5925b2d379ed5fbaab2416234b19f16dbd16a38d6be182381cb2f619089c5562f7
-
SSDEEP
384:15ZYpNGs0U92jj6hCWyv0T4gjGShWM8rZLNr3BNAeIwtPcn3CAm9OZN9MNssq:daNGLU92KgbG4WXWHVTPIwtccakT
Score1/10 -
-
-
Target
Desktop/ed902b16d454afd9d3a972e0dbe5d46e5f5b0da01e5e763069f149f07cbaf274.exe
-
Size
1.4MB
-
MD5
8fe73841d539ff5dc04b7d3bc6e35261
-
SHA1
c532882885eeeda07741e0c4d1676f9116612486
-
SHA256
ed902b16d454afd9d3a972e0dbe5d46e5f5b0da01e5e763069f149f07cbaf274
-
SHA512
a7ba8bb7dc4642293cf67d2c7098e3b9fdb9d112b5cc219e4fa8b138830442ff458c2ac551d4519463b8df8c3c4d8e0e74ec54b6bcdbf4369de2b20cddfa7a68
-
SSDEEP
24576:SDZcOnRuUC2ywJ1/ogGKGShlgla+5BSiK1nP3LLuuQti0UuxcC:SDZHs8gla+5UiK1P3790Uux
Score3/10 -
-
-
Target
Desktop/ffd5738de2af368a497d3a2020bb51ed380b00f3eb4abefa835c362ec7df8bc8.exe
-
Size
14KB
-
MD5
467e7c118e4b1176d20da062012b1a3b
-
SHA1
26be3d886bfcdf1cbc2c5daf9790cd9af33283f7
-
SHA256
ffd5738de2af368a497d3a2020bb51ed380b00f3eb4abefa835c362ec7df8bc8
-
SHA512
6a5ed6aab2488558c88ec6e13ae3f852594037c64a7a0441af2e73e0c5ba89547d34345d22094c2cbb7f9a94eb07864b7650698495928b8bb52f4d87c59578b9
-
SSDEEP
192:KOnfCFyCoS0gdPke85YFUj/zxesqfa3Q5gKcqh:pgdV8p5YFUj9Z3Y
Score1/10 -