Overview

overview

10

Static

static

10

b7c5563e4a...fb.dll

windows7-x64

3

b7c5563e4a...fb.dll

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b7c5563e4ab751c62fc6e2f1be3b41459459d0ebe9c47e3e49c7b9e58cd0a9fb

  • Size

    206KB

  • Sample

    231010-162mhseh3w

  • MD5

    5a4e0f99e59f60990ad2c99a678978d0

  • SHA1

    9d677be94d08f7c459a224d3f45272004ab9ef65

  • SHA256

    b7c5563e4ab751c62fc6e2f1be3b41459459d0ebe9c47e3e49c7b9e58cd0a9fb

  • SHA512

    4815dae880aa4b39bd1358b60c19f768d32b678cddcac0292530555c98f2a1e703400b4d7d095c4d19f8e3eb16ff5ba5e5b4d35980b864800d20ff098013ad4a

  • SSDEEP

    3072:ZnT2RRXuwcN3OQXB8CITr9VV2ILe126JyTuBdjdUn5BXj:ZwXupN1x8CgBbRLDTuLj

Score
10/10
cobaltstrike6

Malware Config

Extracted

Family

cobaltstrike

Botnet

6

C2

http://123.60.171.65:7878/j.ad

Attributes
  • access_type

    512

  • host

    123.60.171.65,/j.ad

  • http_header1

    AAAABwAAAAAAAAADAAAABgAAAAZDb29raWUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=

  • http_header2

    AAAACgAAACZDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL29jdGV0LXN0cmVhbQAAAAcAAAAAAAAABQAAAAJpZAAAAAcAAAABAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=

  • http_method1

    GET

  • http_method2

    POST

  • polling_time

    60000

  • port_number

    7878

  • sc_process32

    %windir%\syswow64\rundll32.exe

  • sc_process64

    %windir%\sysnative\rundll32.exe

  • state_machine

    MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCgJmGAjfhbb9BE1RKPN+ux3516dKLAzT88Wk0sH4IPPKvZHyg4RecwIsEr2636nltqlSipEM8W01C0j3sOGVuIOm0g/C0eqoWOkRaMQ58CC/1fY1xaeab0+Khx5fR7wMNrixxtLTWW+bXRNPwvmSvcjnYmJFkQxOCJ6mPAy6nKmQIDAQABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==

  • unknown1

    4096

  • unknown2

    AAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==

  • uri

    /submit.php

  • user_agent

    Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0; Touch; MASPJS)

  • watermark

    6

Targets

    • Target

      b7c5563e4ab751c62fc6e2f1be3b41459459d0ebe9c47e3e49c7b9e58cd0a9fb

    • Size

      206KB

    • MD5

      5a4e0f99e59f60990ad2c99a678978d0

    • SHA1

      9d677be94d08f7c459a224d3f45272004ab9ef65

    • SHA256

      b7c5563e4ab751c62fc6e2f1be3b41459459d0ebe9c47e3e49c7b9e58cd0a9fb

    • SHA512

      4815dae880aa4b39bd1358b60c19f768d32b678cddcac0292530555c98f2a1e703400b4d7d095c4d19f8e3eb16ff5ba5e5b4d35980b864800d20ff098013ad4a

    • SSDEEP

      3072:ZnT2RRXuwcN3OQXB8CITr9VV2ILe126JyTuBdjdUn5BXj:ZwXupN1x8CgBbRLDTuLj

    Score
    3/10
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks