General

  • Target

    223478182b4f5473b1ee58dffe199a6b0eabc4bf95ac927846cb88f3c74cc86d

  • Size

    1.2MB

  • Sample

    240304-lh97esga83

  • MD5

    fd12c1c15580530d60762d24a7159184

  • SHA1

    79c81776a28ce4848f593507060d5d16815427f0

  • SHA256

    223478182b4f5473b1ee58dffe199a6b0eabc4bf95ac927846cb88f3c74cc86d

  • SHA512

    e6087689d5d845d3e8c99568344be6b78327a4d4a8fb57bcb3b2181922b63fa7b7254cadcbb5c8069d256dd8c63bedb4d49922bacd59f34b0fd25e589be79e9f

  • SSDEEP

    12288:z8clYU7WD4MK0LLP5J6PPNCBFqV9JRwSsDxR04gOSnACMzqzoK1:Q14MK0LLPj6dCPUutR04gOSrMz6oK1

Malware Config

Extracted

Family

cobaltstrike

C2

http://sev.anqjqirc.cc:443/Demo/blank/HY293MB1

Attributes
  • user_agent

    Accept: application/json, application/xhtml+xml, image/*
    Accept-Language: es-sv
    Accept-Encoding: identity, *
    User-Agent: Mozilla/5.0 (Windows NT 6.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36
    Host: sev.anqjqirc.cc
