Resubmissions

06/10/2023, 04:43

231006-fca79abb98 10

06/10/2023, 04:40

231006-fay7asha6x 10

General

  • Target

    page.dll

  • Size

    6.7MB

  • MD5

    a662df66f9de5d49602388aec88a3f7d

  • SHA1

    a30958d0f554d59060551c1cafa1714a9ba4741b

  • SHA256

    010b73ba0d7e254bc8833660fad781616f2b6b1562247b82f7b74b584bc0f835

  • SHA512

    d93d10355532b4e09a27ee92bd58192737a27c60cff1fc928609accfbb3538c1720b69bb9900b8048585c6c4728e16a33e2198d48aef74288cf80f0a8a34f38e

  • SSDEEP

    24576:j5NLAEA2PztiPs+kvbeVj0pcHjZJwL9JNDa+lLy3iP1JynqwzYyJtaVUP8mwB9Xa:MCFaltanBSLZnfFyIqR3R8ryLX8QyKg

Score
10/10

Malware Config

Extracted

Family

cobaltstrike

C2

http://driverstorage.firmware.keenetic.pro:443/Communicate/certenroll/LGKWDB7K

Attributes
  • user_agent

    Accept: text/html, application/xml, application/json Accept-Language: et Accept-Encoding: br, compress User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.4) Gecko/20100101 Firefox/4.0

Signatures

  • Cobaltstrike family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • page.dll
    .dll windows:6 windows x64

    f988c252512620600cf69969b84ebdc5

