General
-
Target
4a7cdf4272f11179db9ddc00680bdcbab23d1c6a1cb48b5e7663e299bb7d5dbb
-
Size
364KB
-
Sample
240113-pdkyhsaadm
-
MD5
bad09730da2271391d0a0e1282ed250d
-
SHA1
154b689b43b87448fc1d3da58417746e4fa99624
-
SHA256
4a7cdf4272f11179db9ddc00680bdcbab23d1c6a1cb48b5e7663e299bb7d5dbb
-
SHA512
f4ceae31d6fd5682ce0069de7765a3dada8eeccc45d140ffd5be116c87df4644b16ba4b294e8f7fadb37ca9f85772425efd83e6ed1ed34a343691b785f092cf1
-
SSDEEP
6144:TgvtgVQ+TOZuxd8JK2+upOHHwgBu5ONCqZHgWj4WTpoNyVfH:Tg9+6ZuxG821pKwgw56CCB8WVoNS
Static task
static1
Behavioral task
behavioral1
Sample
4a7cdf4272f11179db9ddc00680bdcbab23d1c6a1cb48b5e7663e299bb7d5dbb.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
4a7cdf4272f11179db9ddc00680bdcbab23d1c6a1cb48b5e7663e299bb7d5dbb.exe
Resource
win10v2004-20231215-en
Malware Config
Extracted
cobaltstrike
100000
http://106.15.45.70:443/center/update_
-
access_type
512
-
beacon_type
2048
-
host
106.15.45.70,/center/update_
-
http_header1
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
-
http_header2
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
-
http_method1
GET
-
http_method2
POST
-
jitter
2560
-
polling_time
2000
-
port_number
443
-
sc_process32
%windir%\syswow64\dllhost.exe
-
sc_process64
%windir%\sysnative\dllhost.exe
-
state_machine
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCs+O191/36APxDiTHF2yz8P+JVut5kuz87lIcpuYNeFzKUMj94YwUHBaGTkcyPiaNPqTcO4oZHsaJJibJOnBV5GSorank1oqu//NwEdplDQyKwz2LsC0itNkXivhG0jj24U8EZJmS/lu4cbgYnIdVhypxnRaT4MFX+yf4aTiatgwIDAQABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
unknown1
1.767183616e+09
-
unknown2
AAAABAAAAAEAAAAIAAAAAgAAAAkAAAADAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
uri
/center/upload_
-
user_agent
Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.31
-
watermark
100000
Targets
-
-
Target
4a7cdf4272f11179db9ddc00680bdcbab23d1c6a1cb48b5e7663e299bb7d5dbb
-
Size
364KB
-
MD5
bad09730da2271391d0a0e1282ed250d
-
SHA1
154b689b43b87448fc1d3da58417746e4fa99624
-
SHA256
4a7cdf4272f11179db9ddc00680bdcbab23d1c6a1cb48b5e7663e299bb7d5dbb
-
SHA512
f4ceae31d6fd5682ce0069de7765a3dada8eeccc45d140ffd5be116c87df4644b16ba4b294e8f7fadb37ca9f85772425efd83e6ed1ed34a343691b785f092cf1
-
SSDEEP
6144:TgvtgVQ+TOZuxd8JK2+upOHHwgBu5ONCqZHgWj4WTpoNyVfH:Tg9+6ZuxG821pKwgw56CCB8WVoNS
Score 10/10