General

  • Target

    27f16c46d92c60ee227bf38274e4fbe97643db116b5a843f2ae70d37c9d6173e

  • Size

    7KB

  • MD5

    efc2c64b46e0422b514dd61d377e08a4

  • SHA1

    b2c6b62a5807afa48832a27e63842a7d27113f32

  • SHA256

    27f16c46d92c60ee227bf38274e4fbe97643db116b5a843f2ae70d37c9d6173e

  • SHA512

    2a74cd5201417dd41bceeca074d983d59671aa96a0644348d506ff21837e81a1644490b84538ec73b431ac43739da15727cbf5c164293637e15a86038df69593

  • SSDEEP

    96:QX7mNhfvL6Squcb348p8mC3wT3eolHmHRSS:QXqfLUrYmXT3eoNeR

Score
10/10

Malware Config

Extracted

Family

cobaltstrike

C2

http://154.204.58.234:443/jquery-3.3.2.slim.min.js

Attributes
  • user_agent

    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
    Accept-Language: en-US,en;q=0.5
    Referer: http://code.jquery.com/
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/87.0.4242.0 Safari/537.36

Signatures

  • Cobaltstrike family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 27f16c46d92c60ee227bf38274e4fbe97643db116b5a843f2ae70d37c9d6173e
    .dll windows:4 windows x86

    dae02f32a21e03ce65412f6e56942daa

