General
-
Target
346a686b7328d4exeexeexeex.exe
-
Size
208KB
-
Sample
230706-sg5c4scd66
-
MD5
346a686b7328d4b6f7970b48db45297e
-
SHA1
c7eff3fc24fdfe59df205c8ba812c4925616d3a3
-
SHA256
51de40c31c3436ee5c701985fe44aa92f7d1b097cc86ce2c203e2865de75e99b
-
SHA512
80832569f86be5bdaf2dec47f9e4bf95c5fc640438b822776e3842f6926df192c48f6e2b932b181e7aec098e0c51cf8424eb478fe43741d934a4560d265a8e94
-
SSDEEP
3072:I+FcIvEbJvYdGVWwk4Kj6olpR2B5f4dS/L4jjZUB55Ow6E:JHEbJAZwBqplpAX/Lmj9bE
Behavioral task
behavioral1
Sample
346a686b7328d4exeexeexeex.dll
Resource
win7-20230703-en
Behavioral task
behavioral2
Sample
346a686b7328d4exeexeexeex.dll
Resource
win10v2004-20230703-en
Malware Config
Extracted
cobaltstrike
1873433027
http://111.231.74.70:80/j.ad
-
access_type
512
-
host
111.231.74.70,/j.ad
-
http_header1
AAAABwAAAAAAAAADAAAABgAAAAZDb29raWUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
http_header2
AAAACgAAACZDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL29jdGV0LXN0cmVhbQAAAAcAAAAAAAAABQAAAAJpZAAAAAcAAAABAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
http_method1
GET
-
http_method2
POST
-
maxdns
255
-
polling_time
60000
-
port_number
80
-
sc_process32
%windir%\syswow64\rundll32.exe
-
sc_process64
%windir%\sysnative\rundll32.exe
-
state_machine
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCKGjRWajCzGS9wGwtmnkI0YUD5pv6bY69cHkuVzSlG/hwBVDgMrz3u01Dfi9oyW9nSzbm5gFoCVy8AFpuH3RvbTwgPSRhCBecfTo4vLXENHuUkk6KUcGmr2syY6DyVMviY74ro3OtSALtVUmlmC6LkmU657AsmQ+uiHJkoeToZ9wIDAQABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
unknown1
4096
-
unknown2
AAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
uri
/submit.php
-
user_agent
Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; Xbox)
-
watermark
1873433027
Targets
-
-
Target
346a686b7328d4exeexeexeex.exe
-
Size
208KB
-
MD5
346a686b7328d4b6f7970b48db45297e
-
SHA1
c7eff3fc24fdfe59df205c8ba812c4925616d3a3
-
SHA256
51de40c31c3436ee5c701985fe44aa92f7d1b097cc86ce2c203e2865de75e99b
-
SHA512
80832569f86be5bdaf2dec47f9e4bf95c5fc640438b822776e3842f6926df192c48f6e2b932b181e7aec098e0c51cf8424eb478fe43741d934a4560d265a8e94
-
SSDEEP
3072:I+FcIvEbJvYdGVWwk4Kj6olpR2B5f4dS/L4jjZUB55Ow6E:JHEbJAZwBqplpAX/Lmj9bE
Score 3/10