General

  • Target

    737debd9b8fe8282f0352887169679a2444735089c1d750a5a182f6d05722aea

  • Size

    469KB

  • MD5

    fe76135cbc97d3735081a3e21574b112

  • SHA1

    12c3ae0f3ea9cc935274e99fd05962203a749d0d

  • SHA256

    737debd9b8fe8282f0352887169679a2444735089c1d750a5a182f6d05722aea

  • SHA512

    718ee77cffa343ae34fa62a41549cf2c690aab9b2c16c2cbad20be00448f4b472929857c1132b02693ed9f758b428b77e8a90e3bf12f00b4a49fadd39227871b

  • SSDEEP

    6144:mjwrMJqBrWhCSN21DZuBCPhKQbCZvZBS2Au5raT4yPJA8IBoyYFMJDLpGcRMxY/Y:mjXsRD0C5kvybOraT4yPJWsF+VGriw

Score
10/10

Malware Config

Extracted

Family

cobaltstrike

C2

http://117.50.178.197:27843/Rpc

Attributes
  • user_agent

    Accept: */* User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko)

Signatures

  • Cobaltstrike family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 737debd9b8fe8282f0352887169679a2444735089c1d750a5a182f6d05722aea
    .exe windows:6 windows x64 arch:x64

    b902dc3e6a68205182f245f640ba2034

