General
-
Target
9d7975e9276f0a632de6a22087ecfbb890d657b816bde4f7d475fba234ff5cfa
-
Size
259KB
-
Sample
230915-mj2gcacg69
-
MD5
6c93a97139c447424c016a0352afba31
-
SHA1
50e11dccfb3bdea585416686984202cc87692ca7
-
SHA256
9d7975e9276f0a632de6a22087ecfbb890d657b816bde4f7d475fba234ff5cfa
-
SHA512
620b22a564544166e3298a5c04b1fda19413e6e299c24d5afd1348fe1bd10961a9e668accba0f93d33d7b166778b39e1b63f7913e7c389a30942ec676f157b43
-
SSDEEP
6144:uJqVG5d1IpMyibgkTZI6jHID90a/BXhH/:u3d6tevoxvBXN
Behavioral task
behavioral1
Sample
9d7975e9276f0a632de6a22087ecfbb890d657b816bde4f7d475fba234ff5cfa.dll
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
9d7975e9276f0a632de6a22087ecfbb890d657b816bde4f7d475fba234ff5cfa.dll
Resource
win10v2004-20230915-en
Malware Config
Extracted
cobaltstrike
100000
http://43.129.183.133:80/dpixel
-
access_type
512
-
host
43.129.183.133,/dpixel
-
http_header1
AAAABwAAAAAAAAADAAAABgAAAAZDb29raWUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
-
http_header2
AAAACgAAACZDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL29jdGV0LXN0cmVhbQAAAAcAAAAAAAAABQAAAAJpZAAAAAcAAAABAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
-
http_method1
GET
-
http_method2
POST
-
polling_time
60000
-
port_number
80
-
sc_process32
%windir%\syswow64\rundll32.exe
-
sc_process64
%windir%\sysnative\rundll32.exe
-
state_machine
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCpZ1JAdp6er0VD8OUUQuwVrqMOU1R4UxbCDMhB8zrM8EZ3GmjvxWuV/y4/IH/cNwfJ1A2zCzE3oRXJcfLZjiBBfZmNUXWzz/G2bQML3ypMnI0JVn9REXgfMM0+nl0Z5YJO6IQk3W0uhLFZYQ+zYXV5gfULuqN5wNCVReSVd3W6JwIDAQABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
unknown1
4096
-
unknown2
AAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
uri
/submit.php
-
user_agent
Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0; BOIE9;ENUS)
-
watermark
100000
Targets
-
-
Target
9d7975e9276f0a632de6a22087ecfbb890d657b816bde4f7d475fba234ff5cfa
-
Size
259KB
-
MD5
6c93a97139c447424c016a0352afba31
-
SHA1
50e11dccfb3bdea585416686984202cc87692ca7
-
SHA256
9d7975e9276f0a632de6a22087ecfbb890d657b816bde4f7d475fba234ff5cfa
-
SHA512
620b22a564544166e3298a5c04b1fda19413e6e299c24d5afd1348fe1bd10961a9e668accba0f93d33d7b166778b39e1b63f7913e7c389a30942ec676f157b43
-
SSDEEP
6144:uJqVG5d1IpMyibgkTZI6jHID90a/BXhH/:u3d6tevoxvBXN
Score 1/10