General

  • Target

    9bc68b098d8275a5b96a67ad496df9944a1639fe6605496a9167994ac4058a1e

  • Size

    62KB

  • MD5

    2d241dc81307ed47a7d178493b6321f6

  • SHA1

    7679d005a70c20dfee92bb01d3c4919d9503c81b

  • SHA256

    9bc68b098d8275a5b96a67ad496df9944a1639fe6605496a9167994ac4058a1e

  • SHA512

    aedb3002bda5ee62276a1cf661cc4fc2af2127666fcb90cafed86980bfcbf4c9f578ba8be2dcb5ecd32eed09b89e4279dbc3ae3beec2a5290935377590e9d6b6

  • SSDEEP

    384:4ZZUandBhyY/13SeTRYeXyQJKK9IAGkJAKcaFKoHNqdaigQfBpawif38hilh+A8k:43ndTdbZyoIASK5KuNqdbBsf3LlwA89

Score
10/10

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.183.135:443/kPOS

Attributes
  • user_agent

    User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0)

Signatures

  • Cobaltstrike family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 9bc68b098d8275a5b96a67ad496df9944a1639fe6605496a9167994ac4058a1e
    .exe windows:6 windows x64

    a7b7e5df8555b3469dd55d0ce821a6e6

