General
-
Target
2234e3fe02b513ca6117481b73aa56552baff9ef2b7d2e06c95df3ec8acd8d40
-
Size
49KB
-
Sample
231116-hkv9haga87
-
MD5
1877009c4af3ed4c434aa2b602acdf5b
-
SHA1
be00d020787545ec2a1c72dabe14d2824fe80bec
-
SHA256
2234e3fe02b513ca6117481b73aa56552baff9ef2b7d2e06c95df3ec8acd8d40
-
SHA512
3b288c9dae1b3c78309fb4e2f1a27a58df173fa804dcb40b2a61cb0d730791da5ce51e5e5ff13e8c2faba9d0068ee46f6719759e1a4a88b98843336d48a0c92c
-
SSDEEP
768:IViaOS+QmjgPJm+J54eB/Ots+tvaCou4z7FSZBErVvvZICqf4aJWLAg96B99:En+0vTNqsQaCfmFSDqZOf4aSeB/
Static task
static1
Behavioral task
behavioral1
Sample
安全检查资产上报收集表-20231103/安全检查资产上报收集表-20231103-‮xlsx.scr
Resource
win7-20231020-en
Behavioral task
behavioral2
Sample
安全检查资产上报收集表-20231103/安全检查资产上报收集表-20231103-‮xlsx.scr
Resource
win10v2004-20231023-en
Behavioral task
behavioral3
Sample
安全检查资产上报收集表-20231103/安全检查资产上报收集表-20231103.xlsx
Resource
win7-20231020-en
Behavioral task
behavioral4
Sample
安全检查资产上报收集表-20231103/安全检查资产上报收集表-20231103.xlsx
Resource
win10v2004-20231023-en
Malware Config
Extracted
cobaltstrike
100000
http://23.105.197.219:4433/dpixel
-
access_type
512
-
beacon_type
2048
-
host
23.105.197.219,/dpixel
-
http_header1
AAAABwAAAAAAAAADAAAABgAAAAZDb29raWUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
-
http_header2
AAAACgAAACZDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL29jdGV0LXN0cmVhbQAAAAcAAAAAAAAABQAAAAJpZAAAAAcAAAABAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
-
http_method1
GET
-
http_method2
POST
-
polling_time
60000
-
port_number
4433
-
sc_process32
%windir%\syswow64\rundll32.exe
-
sc_process64
%windir%\sysnative\rundll32.exe
-
state_machine
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDDohWpPN9dK5Iaq3j5MARwhwXxMD+LZJY92SEg755tH3cbGJDwjAjae+Cq14PUO5w33EpPbdmLoEfwZmXv2Zz/AYj0O8mNmRw35sEPhPXGKj1Snqz4qS1EVBYgJOSMLEUCg7LBwHQtvsGnoZjszjkVqf9Hi9INcnBF8qLyh4JrKQIDAQABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
unknown1
4096
-
unknown2
AAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
uri
/submit.php
-
user_agent
Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727)
-
watermark
100000
Extracted
cobaltstrike
0
-
watermark
0
Targets
-
-
Target
安全检查资产上报收集表-20231103/安全检查资产上报收集表-20231103-‮xlsx.scr
-
Size
48KB
-
MD5
abcca3f54a53769573ea56017d98f83b
-
SHA1
ee0d28c358aa299422b92fb648feb7ee9788eef6
-
SHA256
bdc2b1fa8b1bfc0a01577f524cf54bf1cea087d39396e915c943d3304fcab03f
-
SHA512
a217a2466ea355aa998d8b2f4643246f782e0d5ab01827cf80622b1fcbacbe9c478fb777a1ed510e6170fcdfe7d80519155a769e2d68bf4193894275ce3b6968
-
SSDEEP
768:fkzyZG7SI3/5UOwVxzgXs/RH3KYO+eNfcF4Soker6qQ4HyWOPHxT+scX2v:fkziG/ejwYOjNfcqJgqxOZcG
Score10/10 -
-
-
Target
安全检查资产上报收集表-20231103/安全检查资产上报收集表-20231103.xlsx
-
Size
11KB
-
MD5
bcb7844128b94a56fdd1a507b4ce6382
-
SHA1
d6d168e1ded6d41bec1902b3b9af04d3a2f76b3a
-
SHA256
6d81b7976a2dfa69d0136c803ce732522fa5cbed1ae337851d9d7ae0f7ec6472
-
SHA512
d1f812dfdfe943f6dbf8f2c8e931fb1488156a8f8002e2cd3d63f2105cf51fcbe3c9cfb86749929cd904bbbedbf1550d4b7955ef50c9bf7aedc253fa0cea66ae
-
SSDEEP
192:t9AJ+cpbTjDOeu0pvvgaltjjC4jjWykU1TEAbjD8Q19xfzUYjwJkk4ZCy:t+J+coeu0pvvgavj/jWykoJ1sqPku
Score1/10 -