General

  • Target

    0fd4ac8b586b99d950ab3bc911a224e1dc5d8d88e6a62ead60ff208f713abca4

  • Size

    12KB

  • MD5

    92cfcc49de531f686ef84f8b4a9c561b

  • SHA1

    57a83e52a0b957b726a44d6aaa24ea42d8af121b

  • SHA256

    0fd4ac8b586b99d950ab3bc911a224e1dc5d8d88e6a62ead60ff208f713abca4

  • SHA512

    0699e8998e4c62bb4bbd9dfa53414cca67a5a4211f6b171a6b660776a8fadac2e18e81abbd743a78c085ba62057f7ec2f00bdfd5ef431cad041e68335217c647

  • SSDEEP

    192:oq6GPxPThg4E7eTHpyHfpavc+a2ZKGie3Q5tfzru:lThDEyI4vLB3L

Score
10/10

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.199.134:8011/tQc5

Attributes
  • user_agent

    User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; Win64; x64; Trident/6.0; ASU2JS)

Signatures

  • Cobaltstrike family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 0fd4ac8b586b99d950ab3bc911a224e1dc5d8d88e6a62ead60ff208f713abca4
    .exe windows:6 windows x64

    cae3fb8efda6c34ecb4e7966b30f0f12

