General
-
Target
228664fbbb70b7815f811b60064e89af6460d62141d679647d995b6e1652c94d
-
Size
259KB
-
Sample
230911-kpz5cseh96
-
MD5
062675b5a045013f93a3fdc84988733b
-
SHA1
79fb7b78e0cc3427e462b96d75c126b5eb99f8fe
-
SHA256
228664fbbb70b7815f811b60064e89af6460d62141d679647d995b6e1652c94d
-
SHA512
a642ced11c1c340efff72c787f1b44b35ce765c68e123ab30742f99308d8c9dddd4edbec234a956b9f23d925305c4ec69fc36b8302f9cc19ea039ba16a732df8
-
SSDEEP
6144:uJqVG5d1IpMyibgkTZI6jHID90aYBXRH/:u3d6tevoxIBXd
Behavioral task
behavioral1
Sample
228664fbbb70b7815f811b60064e89af6460d62141d679647d995b6e1652c94d.dll
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
228664fbbb70b7815f811b60064e89af6460d62141d679647d995b6e1652c94d.dll
Resource
win10v2004-20230831-en
Malware Config
Extracted
cobaltstrike
100000
http://124.221.0.93:7080/g.pixel
-
access_type
512
-
host
124.221.0.93,/g.pixel
-
http_header1
AAAABwAAAAAAAAADAAAABgAAAAZDb29raWUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
-
http_header2
AAAACgAAACZDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL29jdGV0LXN0cmVhbQAAAAcAAAAAAAAABQAAAAJpZAAAAAcAAAABAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
-
http_method1
GET
-
http_method2
POST
-
polling_time
60000
-
port_number
7080
-
sc_process32
%windir%\syswow64\rundll32.exe
-
sc_process64
%windir%\sysnative\rundll32.exe
-
state_machine
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCK8fRrR8ygyM5q31TvJMdmA3PSJ5MI/msymzvVFgw/O6xho0tS7uoFa0/IBlWUtojWjOur06gpA+TEjLldBn7miIClnRma5I/X+Sxc11C+Z+QGO6ct5f5TyRKsNA537DKoek9z+XV+uD12wdo348nevwz6s4G9VgTPxzoW44AcMwIDAQABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
unknown1
4096
-
unknown2
AAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
uri
/submit.php
-
user_agent
Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0)
-
watermark
100000
Targets
-
-
Target
228664fbbb70b7815f811b60064e89af6460d62141d679647d995b6e1652c94d
-
Size
259KB
-
MD5
062675b5a045013f93a3fdc84988733b
-
SHA1
79fb7b78e0cc3427e462b96d75c126b5eb99f8fe
-
SHA256
228664fbbb70b7815f811b60064e89af6460d62141d679647d995b6e1652c94d
-
SHA512
a642ced11c1c340efff72c787f1b44b35ce765c68e123ab30742f99308d8c9dddd4edbec234a956b9f23d925305c4ec69fc36b8302f9cc19ea039ba16a732df8
-
SSDEEP
6144:uJqVG5d1IpMyibgkTZI6jHID90aYBXRH/:u3d6tevoxIBXd
Score3/10 -