General

  • Target

    payload.ps1

  • Size

    3KB

  • MD5

    3ce44224dc2d9d78bc2c0bdd40c8c08b

  • SHA1

    cd0919d5b09ca39fbb142db546fcb25272e5bca8

  • SHA256

    07e289691be57d3017d07aa72c7f99f6f4a519abd333bf7a16c3506b42aab6dc

  • SHA512

    3f4c4898abcb51f795c985dc094aa03ce95c6946d5d32eb270e6cadd95cafc30c56b38cbb9f460cf939352e6d73b9b041cb4b98e86595bac8467f8306d8b6e29

Score
10/10

Malware Config

Extracted

Family

cobaltstrike

C2

http://124.220.94.188:4733/jquery-3.3.2.slim.min.js

Attributes
  • user_agent

    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
    Accept-Language: en-US,en;q=0.5
    Referer: http://code.jquery.com/
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko

Files

  • payload.ps1
    .ps1