Behavioral task
behavioral1
Sample
doubleC.ps1
Resource
win7-20231215-en
4 signatures
150 seconds
Behavioral task
behavioral2
Sample
doubleC.ps1
Resource
win10v2004-20231222-en
4 signatures
150 seconds
General
Target
doubleC.ps1
Size
3KB
MD5
55fcc8187ee3fe1a6ea31c9376ad9d88
SHA1
29e3984ec4b10bd3f0ccaf31b0c1860b8155974d
SHA256
dc532637edd6bf8af735c4008cfd9f0e880f2b400d335a56b237527ec846c122
SHA512
cc0075d016589caf74cd7409b4fc6f71bb3a0276ef8d91ffa1e0c3f001b94272345bd979c2a4d287195a8c4145cf19ac32445301c576e4372f49e1adcecfd3e6
Score
10/10
Malware Config
Extracted
Family
cobaltstrike
C2
http://8.217.168.80:1999/Fu9i
Attributes
user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0; BOIE9;ENUSMSNIP)
Signatures
Cobaltstrike family
Files
doubleC.ps1.ps1