General

  • Target

    992a9090c7f4e184c4b12f16941c711290ee856a94376624f0c0f52502d09e9a

  • Size

    1.3MB

  • MD5

    11ee686b5998463ec706e6fdc0289025

  • SHA1

    236b25f7c2715eba0bb0aca94c6350b8bb873ae6

  • SHA256

    992a9090c7f4e184c4b12f16941c711290ee856a94376624f0c0f52502d09e9a

  • SHA512

    48723d7a25a17a2c24219399cb7eabec87f1bae8b55b54c59b3ec686190dc120359f1c92eae84711832096e7e249ce26fed389c06c92f895a6e2c6e1d9434357

  • SSDEEP

    24576:IEZvrM5h+FC3/PXKdyFXqJPOSg2FF9m7VID1:IczM5h/3/fKgo8Sg2LwID1

Score
10/10

Malware Config

Extracted

Family

cobaltstrike

C2

http://206.119.171.91:80/nfT5

Attributes
  • user_agent

    User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0; BOIE9;ENUS)

Signatures

  • Cobaltstrike family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 992a9090c7f4e184c4b12f16941c711290ee856a94376624f0c0f52502d09e9a
    .exe windows x64

    f0ea7b7844bbc5bfa9bb32efdcea957c

