General
-
Target
a4b96d9cb2b7255ac9eae85cdf30ad4a
-
Size
217KB
-
Sample
240225-135vrsed7x
-
MD5
a4b96d9cb2b7255ac9eae85cdf30ad4a
-
SHA1
77e3d05f181195b2da5c0ba64794b11e2ac12aae
-
SHA256
666f8dd0a6cbdb7e38658d898e4dc0012ff642873183be8b27f212ff1b0edba2
-
SHA512
74ec82228ccf5fc7eeaa8e3414c9c09c427c606b332f39f9d59874b8f02311afdb9e3ed12a4c2471f8b1a14da1c2e7736c764041116a3a33dfb0cf161338a861
-
SSDEEP
3072:xdiFtjEf4gkF6YIc9k8zD9+YMU/cJUO2pmXoD3xFjtU1PHaz:MJEf1kIYVj1+7U/lbD37jU
Behavioral task
behavioral1
Sample
a4b96d9cb2b7255ac9eae85cdf30ad4a.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
a4b96d9cb2b7255ac9eae85cdf30ad4a.exe
Resource
win10v2004-20240221-en
Malware Config
Extracted
Family: cobaltstrike
Watermark: 1556462172
C2 URL: http://workhub.microsoft.com:4433/football/2021/may/31/all/all
-
access_type
512
-
beacon_type
2048
-
host
workhub.microsoft.com,/football/2021/may/31/all/all
-
http_header1
AAAABwAAAAAAAAAPAAAAAwAAAAYAAAAMRmFzdGx5LUNhY2hlAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
http_header2
AAAABwAAAAAAAAAGAAAADWZhc3RseS1oZWFkZXIAAAAHAAAAAQAAAA8AAAADAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
http_method1
GET
-
http_method2
POST
-
jitter
3840
-
maxdns
255
-
polling_time
20000
-
port_number
4433
-
sc_process32
%windir%\syswow64\svchost.exe
-
sc_process64
%windir%\sysnative\svchost.exe
-
state_machine (base64 DER RSA public key, zero-padded)
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCHVbAU1edBlfNE0tQxy7KrrsXN0btYGXvetLyGdQYAwJasI/vjQJB+ANJt5ynvlIrP+43VJgEO19f/Jk6+7RJwgFw9N6vY4TIvo3tzaWWAaJtK5m0iu1N2U9vlbQ6UuIPyD4Vv/lbr3RZeI1XrKQFBMfuBnacjr6KBn+Etjg/MSQIDAQABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
unknown1
4096
-
unknown2
AAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
uri
/all/test21/us/lifeandstyle
-
user_agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.77 Safari/537.36
-
watermark
1556462172
Targets
-
-
Target
a4b96d9cb2b7255ac9eae85cdf30ad4a
-
Size
217KB
-
MD5
a4b96d9cb2b7255ac9eae85cdf30ad4a
-
SHA1
77e3d05f181195b2da5c0ba64794b11e2ac12aae
-
SHA256
666f8dd0a6cbdb7e38658d898e4dc0012ff642873183be8b27f212ff1b0edba2
-
SHA512
74ec82228ccf5fc7eeaa8e3414c9c09c427c606b332f39f9d59874b8f02311afdb9e3ed12a4c2471f8b1a14da1c2e7736c764041116a3a33dfb0cf161338a861
-
SSDEEP
3072:xdiFtjEf4gkF6YIc9k8zD9+YMU/cJUO2pmXoD3xFjtU1PHaz:MJEf1kIYVj1+7U/lbD37jU
Score: 10/10