General

  • Target

    lsass9.exe

  • Size

    19KB

  • Sample

    240223-msj9eseh6t

  • MD5

    006d9e7f4514b820b5994bfb17cda15b

  • SHA1

    6b1bc20fa640e27e03e2ace38d0b2ec77df9d64d

  • SHA256

    bc715a7fad636b54294a566cf3d4651715245af5009b9a97447395543b0f8fd7

  • SHA512

    64f23ee4ab18ff716d6d40c7f6cc2470e482f6e1d0251075c787f6476a881fc7f57826f929f347f52f17dd20b2ea62b7cc6c345c87b41d1b5222a399da6c1ac1

  • SSDEEP

    384:p+QXwlPRcNH8tz7IBGR6i/XanvndrC79SRBFm3/8C:Drx8Ac/KfM79SU3E

Malware Config

Extracted

Family

cobaltstrike

C2

http://117.72.8.192:443/jquery-3.3.2.slim.min.js

Attributes
  • user_agent

    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Referer: http://code.jquery.com/ Accept-Encoding: gzip, deflate User-Agent: Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko

Targets

    • Target

      lsass9.exe

    • Size

      19KB

    • MD5

      006d9e7f4514b820b5994bfb17cda15b

    • SHA1

      6b1bc20fa640e27e03e2ace38d0b2ec77df9d64d

    • SHA256

      bc715a7fad636b54294a566cf3d4651715245af5009b9a97447395543b0f8fd7

    • SHA512

      64f23ee4ab18ff716d6d40c7f6cc2470e482f6e1d0251075c787f6476a881fc7f57826f929f347f52f17dd20b2ea62b7cc6c345c87b41d1b5222a399da6c1ac1

    • SSDEEP

      384:p+QXwlPRcNH8tz7IBGR6i/XanvndrC79SRBFm3/8C:Drx8Ac/KfM79SU3E

MITRE ATT&CK Matrix

Tasks