General

  • Target

    98caa18224ecda4d308d9dffd88c7abf1c434b7c1bba3994b130943712f90293

  • Size

    1.2MB

  • MD5

    efab9418cf20fd8c54845066abc2c37a

  • SHA1

    5cee88e6be2531447589f96e1d719f2bff052c18

  • SHA256

    98caa18224ecda4d308d9dffd88c7abf1c434b7c1bba3994b130943712f90293

  • SHA512

    e34c0556bcc89f598fb939e9606c91cc80fc91e40df5c864202d4fb9b6fc63e340edd86f338f77db39731b46657d107e27bcf2a29a2a7dfd59edce5d410e20c3

  • SSDEEP

    12288:NBNLWz3T2/DOxKwsO7IAtib7gVhGF4noooY0dl/6t6iP9xRaFyR7dL1L2SVMpZkO:B6v+DOxKgibIGFb/HiHRoW7rLl2

Score
10/10

Malware Config

Extracted

Family

cobaltstrike

C2

http://62.234.166.174:8090/Zi8b

Attributes
  • user_agent

    User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; Win64; x64; Trident/6.0; MDDCJS)

Signatures

  • Cobaltstrike family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 98caa18224ecda4d308d9dffd88c7abf1c434b7c1bba3994b130943712f90293
    .exe windows:6 windows x64 arch:x64

    4f2f006e2ecf7172ad368f8289dc96c1

