General
-
Target
a0743e616cf310724b8175aa27e7e22d
-
Size
317KB
-
Sample
231227-dwtslaefdk
-
MD5
a0743e616cf310724b8175aa27e7e22d
-
SHA1
d54e0e53517716d725f5675223ae1dd4c6723b66
-
SHA256
71f73949614c5e15f2682cf1dbd21688f19e5ba52bc0ed93909eb5346d12652a
-
SHA512
b2b08116daf0ff45e312dcc0dcd134937f32907ce652985dd5bc3e3d284bd924a73e16ef624163f550bed48790ac137250f1948435c28f528bf3071f6d79cc40
-
SSDEEP
6144:7JwpYVNcn3pTdNe+WXVi1SB4R7zH2mTK/fN2H5021:7G6cniFiSB4t3K3qd
Behavioral task
behavioral1
Sample
a0743e616cf310724b8175aa27e7e22d.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
a0743e616cf310724b8175aa27e7e22d.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
cobaltstrike
305419896
http://192.168.43.189:80/ucD
-
access_type
512
-
host
192.168.43.189,/ucD
-
http_header1
AAAACgAAABdDYWNoZS1Db250cm9sOiBuby1jYWNoZQAAAAoAAAAWQ29ubmVjdGlvbjogS2VlcC1BbGl2ZQAAAAoAAAAQUHJhZ21hOiBuby1jYWNoZQAAAAcAAAAAAAAADQAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
http_header2
AAAACgAAABdDYWNoZS1Db250cm9sOiBuby1jYWNoZQAAAAoAAAAWQ29ubmVjdGlvbjogS2VlcC1BbGl2ZQAAAAoAAAAQUHJhZ21hOiBuby1jYWNoZQAAAAcAAAAAAAAADQAAAAEAAABsVU1KakFpTlVVdHZOd3cwbEJqOXR6V2Vnd3BodUluNmhOUDllZUlEZk9yY0hKM25vellGUFQtSmw3V3NtYm1qWm5RWFVlc29Ka2NKa3BkWUVkcWdRRkU2UVpnaldWc0xTU0RvbkwyOERZRFZKAAAADAAAAAcAAAABAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
http_method1
GET
-
http_method2
POST
-
maxdns
255
-
polling_time
1000
-
port_number
80
-
sc_process32
%windir%\syswow64\rundll32.exe
-
sc_process64
%windir%\sysnative\rundll32.exe
-
state_machine
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCFmBMBEy36k4luvY2SO97E+bxgA1A5GYjk2mhMQPzoQ2oQ9cu4A3nne00/RaKPT1pulvwqKi8HYz1vS4J2eC7EsMVuPhkwYr6zn/fPS49oTc9onKqB2dBi8u6p+2LPrZQBjQIX9A1sw49jrzCcZgGT8yCXSq9zRlS0/PE4bVMvzQIDAQABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
unknown1
4096
-
unknown2
AAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
uri
/ucW
-
user_agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) like Gecko
-
watermark
305419896
Targets
-
-
Target
a0743e616cf310724b8175aa27e7e22d
-
Size
317KB
-
MD5
a0743e616cf310724b8175aa27e7e22d
-
SHA1
d54e0e53517716d725f5675223ae1dd4c6723b66
-
SHA256
71f73949614c5e15f2682cf1dbd21688f19e5ba52bc0ed93909eb5346d12652a
-
SHA512
b2b08116daf0ff45e312dcc0dcd134937f32907ce652985dd5bc3e3d284bd924a73e16ef624163f550bed48790ac137250f1948435c28f528bf3071f6d79cc40
-
SSDEEP
6144:7JwpYVNcn3pTdNe+WXVi1SB4R7zH2mTK/fN2H5021:7G6cniFiSB4t3K3qd
Score 10/10