Overview

overview

10

Static

static

10

e69917a321...b8.dll

windows7-x64

3

e69917a321...b8.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e69917a32113c307347e689ce8d0c6eb2c98cdb5e0774ff27475a9efe932f2b8

  • Size

    254KB

  • Sample

    230804-e7tgmshe63

  • MD5

    e24ad18be27228988b4d169c17fe14c9

  • SHA1

    2833e747f1ae2430cdb981701112adcb4d42b1ea

  • SHA256

    e69917a32113c307347e689ce8d0c6eb2c98cdb5e0774ff27475a9efe932f2b8

  • SHA512

    f3f9202a1a32d1f43cf0b0e37d8aa19225ad74529b6ccee4e4c412942f3e66c1a689f63e00dca4d0d55d61519f290dbb331c894c9398178f10ea88c3445635d4

  • SSDEEP

    3072:hJwpS2NACV4qAbypuljJGnJYoTjqETdtbsnOfFwXVa/K494YJGaXMaIHnaH:hJwpYVNcn3pTdNe+WXVih4uuH

Score
10/10
cobaltstrike305419896

Malware Config

Extracted

Family

cobaltstrike

Botnet

305419896

C2

http://akamai-technologies.space:80/dpixel

Attributes
  • access_type

    512

  • host

    akamai-technologies.space,/dpixel

  • http_header1

    AAAABwAAAAAAAAADAAAABgAAAAZDb29raWUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==

  • http_header2

    AAAACgAAACZDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL29jdGV0LXN0cmVhbQAAAAcAAAAAAAAABQAAAAJpZAAAAAcAAAABAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==

  • http_method1

    GET

  • http_method2

    POST

  • maxdns

    255

  • polling_time

    60000

  • port_number

    80

  • sc_process32

    %windir%\syswow64\rundll32.exe

  • sc_process64

    %windir%\sysnative\rundll32.exe

  • state_machine

    MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDimVFMEPw/4kjUYy1ynATg7y1+ah+BuHXPxSEMqZhjlfdgFIKjHSa18+nuu4XVtxe4hunABZb1T9Dp5KSlo2RyTDYC6n+iyTs1M+fy5cypwRnBg+UtTd9qPyNEkX3YCkNJT2kyIttox72phODjwXkS+a5BEw0IUNoVweW32nj7tQIDAQABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==

  • unknown1

    4096

  • unknown2

    AAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==

  • uri

    /submit.php

  • user_agent

    Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; NP09; NP09; MAAU)

  • watermark

    305419896

Targets

    • Target

      e69917a32113c307347e689ce8d0c6eb2c98cdb5e0774ff27475a9efe932f2b8

    • Size

      254KB

    • MD5

      e24ad18be27228988b4d169c17fe14c9

    • SHA1

      2833e747f1ae2430cdb981701112adcb4d42b1ea

    • SHA256

      e69917a32113c307347e689ce8d0c6eb2c98cdb5e0774ff27475a9efe932f2b8

    • SHA512

      f3f9202a1a32d1f43cf0b0e37d8aa19225ad74529b6ccee4e4c412942f3e66c1a689f63e00dca4d0d55d61519f290dbb331c894c9398178f10ea88c3445635d4

    • SSDEEP

      3072:hJwpS2NACV4qAbypuljJGnJYoTjqETdtbsnOfFwXVa/K494YJGaXMaIHnaH:hJwpYVNcn3pTdNe+WXVih4uuH

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks