General

  • Target

    2d0574b450ec583d5f3156d3282aab9f0613aed62d1b5c2cc051e5bd8f55a640

  • Size

    62KB

  • MD5

    877d4d46aa15868f525d4c3c89636d07

  • SHA1

    ce623c1c24c8dd41ba4653727ff2c783f49626ca

  • SHA256

    2d0574b450ec583d5f3156d3282aab9f0613aed62d1b5c2cc051e5bd8f55a640

  • SHA512

    62fc65ef5ea48b8485e39e13eaada6b5a76c7f1a073efb297bbf05fa0fb7e959122db36f3f8143e89a47fbb586947a26ebae9c0f3cf0d7cdfcd4024f97d4ef82

  • SSDEEP

    384:9apJjipSnHy/Xg0eTsrOaytGLI3WNIhFhcuLg+snWGbH/monADQfBycqCzPA89X+:AH10L7yMIDhXFgbnXBrA89

Score
10/10

Malware Config

Extracted

Family

cobaltstrike

C2

http://101.43.164.21:80/dnV5

Attributes
  • user_agent

    User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; yie9)

Signatures

  • Cobaltstrike family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 2d0574b450ec583d5f3156d3282aab9f0613aed62d1b5c2cc051e5bd8f55a640
    .exe windows:6 windows x64

    8857ab4ffcd7a4ae41d92425862b5f3e

