General
-
Target
e69917a32113c307347e689ce8d0c6eb2c98cdb5e0774ff27475a9efe932f2b8
-
Size
254KB
-
Sample
230804-e7tgmshe63
-
MD5
e24ad18be27228988b4d169c17fe14c9
-
SHA1
2833e747f1ae2430cdb981701112adcb4d42b1ea
-
SHA256
e69917a32113c307347e689ce8d0c6eb2c98cdb5e0774ff27475a9efe932f2b8
-
SHA512
f3f9202a1a32d1f43cf0b0e37d8aa19225ad74529b6ccee4e4c412942f3e66c1a689f63e00dca4d0d55d61519f290dbb331c894c9398178f10ea88c3445635d4
-
SSDEEP
3072:hJwpS2NACV4qAbypuljJGnJYoTjqETdtbsnOfFwXVa/K494YJGaXMaIHnaH:hJwpYVNcn3pTdNe+WXVih4uuH
Behavioral task
behavioral1
Sample
e69917a32113c307347e689ce8d0c6eb2c98cdb5e0774ff27475a9efe932f2b8.dll
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
e69917a32113c307347e689ce8d0c6eb2c98cdb5e0774ff27475a9efe932f2b8.dll
Resource
win10v2004-20230703-en
Malware Config
Extracted
cobaltstrike
305419896
http://akamai-technologies.space:80/dpixel
-
access_type
512
-
host
akamai-technologies.space,/dpixel
-
http_header1
AAAABwAAAAAAAAADAAAABgAAAAZDb29raWUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
http_header2
AAAACgAAACZDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL29jdGV0LXN0cmVhbQAAAAcAAAAAAAAABQAAAAJpZAAAAAcAAAABAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
http_method1
GET
-
http_method2
POST
-
maxdns
255
-
polling_time
60000
-
port_number
80
-
sc_process32
%windir%\syswow64\rundll32.exe
-
sc_process64
%windir%\sysnative\rundll32.exe
-
state_machine
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDimVFMEPw/4kjUYy1ynATg7y1+ah+BuHXPxSEMqZhjlfdgFIKjHSa18+nuu4XVtxe4hunABZb1T9Dp5KSlo2RyTDYC6n+iyTs1M+fy5cypwRnBg+UtTd9qPyNEkX3YCkNJT2kyIttox72phODjwXkS+a5BEw0IUNoVweW32nj7tQIDAQABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
unknown1
4096
-
unknown2
AAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
uri
/submit.php
-
user_agent
Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; NP09; NP09; MAAU)
-
watermark
305419896
Targets
-
-
Target
e69917a32113c307347e689ce8d0c6eb2c98cdb5e0774ff27475a9efe932f2b8
-
Size
254KB
-
MD5
e24ad18be27228988b4d169c17fe14c9
-
SHA1
2833e747f1ae2430cdb981701112adcb4d42b1ea
-
SHA256
e69917a32113c307347e689ce8d0c6eb2c98cdb5e0774ff27475a9efe932f2b8
-
SHA512
f3f9202a1a32d1f43cf0b0e37d8aa19225ad74529b6ccee4e4c412942f3e66c1a689f63e00dca4d0d55d61519f290dbb331c894c9398178f10ea88c3445635d4
-
SSDEEP
3072:hJwpS2NACV4qAbypuljJGnJYoTjqETdtbsnOfFwXVa/K494YJGaXMaIHnaH:hJwpYVNcn3pTdNe+WXVih4uuH
Score3/10 -