General

  • Target

    b05473c841391ccb2032655a864088e714df2c2e01c837939ad16a6d23c3c387

  • Size

    1.1MB

  • MD5

    174024b899474ad2c46d64a50df4f6be

  • SHA1

    deffa7948a97a1f3e4ae6e8024e445968668d17f

  • SHA256

    b05473c841391ccb2032655a864088e714df2c2e01c837939ad16a6d23c3c387

  • SHA512

    ff46ec74107cbda7b5178f7542ac2fd315e06b67df679d0698e98f3b0c7ba220a00b77a5edcb0ba330e7c3f43a854a00cdbf9cdce778cecd8a7862e98fababcc

  • SSDEEP

    12288:I27q8BViDLj2nIccHu+Tc/gvpQW7GzBI2Xf/7Vh:IHl/2ngBc8p3uF3Jh

Score
10/10

Malware Config

Extracted

Family

cobaltstrike

C2

http://update.office-oa.org:8443/api/2

Attributes
  • user_agent

    Host: update.office-oa.org User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0; MALC)

Signatures

  • Cobaltstrike family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • b05473c841391ccb2032655a864088e714df2c2e01c837939ad16a6d23c3c387
    .exe windows:6 windows x64 arch:x64

    93a138801d9601e4c36e6274c8b9d111

