General

  • Target

    b6ff5a2e2f6f9f91733acb39b4ad748c6c05074836cdaad7dac41f5231e4bd4f

  • Size

    4.6MB

  • MD5

    ebc0a816e3589e39478107d1e4407bb2

  • SHA1

    650f115d8570776e53fb755c631d3ca34eb33a52

  • SHA256

    b6ff5a2e2f6f9f91733acb39b4ad748c6c05074836cdaad7dac41f5231e4bd4f

  • SHA512

    252bc9b95633bc8616650a70e9118b61ef8b102884455a030184e9201cba5eedd06d2df20ce7f8a6e53e2780ab752b7052a24acb8295229d0c737c4265b1b4ee

  • SSDEEP

    98304:ZPxPRVy1cK7ggczAcxBCnU3j/jifXOJMsSboiA3hPqLy38:Z5Py1cMczsnUz/jiWmsSucmM

Malware Config

Extracted

Family

cobaltstrike

C2

http://52.78.207.108:802/IeIf

Attributes
  • user_agent

    User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)

Files

  • b6ff5a2e2f6f9f91733acb39b4ad748c6c05074836cdaad7dac41f5231e4bd4f
    .exe windows x64

    a6cec5b1a631d592d80900ab7e1de8df



  • shellcode.pyc