General

  • Target

    340767f84451baa1315e4a2ec9899a8257d036b97a3696359e44b125be6ca16e

  • Size

    1.4MB

  • Sample

    231224-lttntaeab3

  • MD5

    2cf8e37c590de87200a8fc42029fe50f

  • SHA1

    5168ad39f2021a8e7f527d598308f7a2f8f208fb

  • SHA256

    340767f84451baa1315e4a2ec9899a8257d036b97a3696359e44b125be6ca16e

  • SHA512

    3c51b463194ac38356815d92ce8241ead3e38b2d2993e460888be0bd0168151ffd5a1f61232b7ae3142abd9c1c553369bf1efa492a6377daf70cd7352351f3c8

  • SSDEEP

    24576:DacYC5EdvtTge1V6wh3AsnM5cQSBP9AJ1dUogWPoBMo1ipxdDQhmlNEIqSHxIMcR:DaBC5Ezge1gq3VM5clMdzgWwBMoEpj7Q

Malware Config

  • Extracted

  • Family

    cobaltstrike

  • Botnet

    426352781

  • C2

    http://UPDATE.OSDEVICEUPDATESERVICES.COM:53/jquery-3.3.1.min.js

Attributes

  • access_type

    512

  • beacon_type

    256

  • dns_idle

    1.908702538e+09

  • host

    UPDATE.OSDEVICEUPDATESERVICES.COM,/jquery-3.3.1.min.js

  • http_method1

    GET

  • http_method2

    POST

  • jitter

    9472

  • maxdns

    255

  • polling_time

    45000

  • port_number

    53

  • sc_process32

    %windir%\syswow64\dllhost.exe

  • sc_process64

    %windir%\sysnative\dllhost.exe

  • state_machine

    MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCQUTNVwBqPVx15rtX38o7pOpriBWIlw+kXxvOCma25M4w0forsyzXeQalgP8UsXDnp7SGMb8jydHjKW7EF5ok+x/As+kPE+GPVnGKUFbJX/D+F5Zpz6hU8pnnjaWRqow0zXTdwFKG0cciafrBcsyvxAVd5rRmuDUZFLjWg5dm42QIDAQABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==

  • unknown1

    4.234810624e+09

  • watermark

    426352781

Targets

    • Target

      update.exe

    • Size

      2.9MB

    • MD5

      bbb5279047e1756a9e6d90a3f601c693

    • SHA1

      e49888361c9e7d808aaa55234df817d109e9c24b

    • SHA256

      511d15c567eb862c9f6bb5ccad1ff19dee76999ceb3adee8c3b5a917d84360e3

    • SHA512

      5622875d43c31de6a4ae3b4a2ed786b26866d6df2987c858964f79cbc557472b9d01969df4e8b08a4a71c96858f3288bffc02e42fed246c9ad63f550ac94badb

    • SSDEEP

      49152:UY1+PcvD8154tGEwpLH875F7i8iArXhQOoP3jS5GlRdL5b:vAqUOEEwx

MITRE ATT&CK Matrix

Tasks