General

  • Target

    7a08adbc98f2705182e6d128523c0c4d84b5cc303acae45296828d4ce145f952

  • Size

    63KB

  • MD5

    8750f5933630d213f7df406b59076e16

  • SHA1

    ee968ce49bc8d84d5d5a2790c521734b5c3379bc

  • SHA256

    7a08adbc98f2705182e6d128523c0c4d84b5cc303acae45296828d4ce145f952

  • SHA512

    61df8e78c6bb63e765801ffd9de883e176d329d15e59a417b514796bc41c39b3137b0491148bbf1e0e6fb52d2ce9c57b25c54c1320c0c04df7dc69db74fa50cd

  • SSDEEP

    384:8aaX2GLGSZKeTzpc/MyU7KE1+MI75iXqyUlHUQmwrGMQfBE9qYv3/Wf+Ay9XA:SXtbDyfEk2DEUQmHFBeqUvAy9

Score
10/10

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.18.130:29000/jquery-3.3.2.slim.min.js

Attributes
  • user_agent

    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Referer: http://code.jquery.com/ Accept-Encoding: gzip, deflate User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.34 Safari/537.36 Edg/

Signatures

  • Cobaltstrike family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 7a08adbc98f2705182e6d128523c0c4d84b5cc303acae45296828d4ce145f952
    .exe windows x64

    1a3edac0f203a2121966088b90758488
