General
-
Target
beacon.exe
-
Size
278KB
-
Sample
230406-w7q5ysed74
-
MD5
f56dd43e69649c5b4e1224e18a71c6a8
-
SHA1
f3c8d482806572f76c62fa11b57d4c3e5b13a0f5
-
SHA256
ca98b79ddd7777098f868b94ab0b9a4bb57ce61c9d7f2438fb64cae7dcdeb9f9
-
SHA512
83de74d97d56a114066988de26b2dbc2fbf225ba33b82b24d9a664d4c31fa46af6a3660f88b12ffa9722ec1ca2961b6a1602bb7888d22cee6113c2da81e2082f
-
SSDEEP
3072:IRjDQ3pPKV/jFRctt7qUSLkEbkrFyX+a1skkF9kBItmPo9ESM4iKm6Rl:IRfFAtt7qtYrsCOqESriX6
Static task
static1
Behavioral task
behavioral1
Sample
beacon.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
beacon.exe
Resource
win10v2004-20230220-en
Malware Config
Extracted
cobaltstrike
305419896
-
beacon_type
1024
-
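host (C2 address; the value below is in the RFC 1918 private range, so it is not usable as an Internet-facing network indicator)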
192.168.22.152
-
http_header1
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
http_header2
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
polling_time
10000
-
port_number
4444
-
sc_process32
%windir%\syswow64\rundll32.exe
-
sc_process64
%windir%\sysnative\rundll32.exe
-
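state_machine (the value below is base64; its leading bytes are a DER-encoded RSA public key, followed by zero padding)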
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCnCZHWnYFqYB/6gJdkc4MPDTtBJ20nkEAd3tsY4tPKs8MV4yIjJb5CtlrbKHjzP1oD/1AQsj6EKlEMFIKtakLx5+VybrMYE+dDdkDteHmVX0AeFyw001FyQVlt1B+OSNPRscKI5sh1L/ZdwnrMy6S6nNbQ5N5hls6k2kgNO5nQ7QIDAQABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
unknown1
4096
-
unknown2
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
watermark (decimal; equals 0x12345678 in hex)
305419896
Targets
-
-
Target
beacon.exe
-
Size
278KB
-
MD5
f56dd43e69649c5b4e1224e18a71c6a8
-
SHA1
f3c8d482806572f76c62fa11b57d4c3e5b13a0f5
-
SHA256
ca98b79ddd7777098f868b94ab0b9a4bb57ce61c9d7f2438fb64cae7dcdeb9f9
-
SHA512
83de74d97d56a114066988de26b2dbc2fbf225ba33b82b24d9a664d4c31fa46af6a3660f88b12ffa9722ec1ca2961b6a1602bb7888d22cee6113c2da81e2082f
-
SSDEEP
3072:IRjDQ3pPKV/jFRctt7qUSLkEbkrFyX+a1skkF9kBItmPo9ESM4iKm6Rl:IRfFAtt7qtYrsCOqESriX6
Score: 10/10