General

  • Target

    5f9c18be2f99a514f0e9f77082060c9435e48cffaa9192fd76c6e95aa88c840a

  • Size

    1.2MB

  • MD5

    7b799901472474a732bdfe96963826d5

  • SHA1

    e3002d44142bb640a9ed6d40dc0ce590905db9f2

  • SHA256

    5f9c18be2f99a514f0e9f77082060c9435e48cffaa9192fd76c6e95aa88c840a

  • SHA512

    3a25e02ba4d4e96a08ca7d4a4859f5c8782628c7bd6352a21b856a900c5b13c7ccc4beabb32b452a872515d715f54a40f407df51f8ae063183f4f5cc7b5a1be4

  • SSDEEP

    12288:9HG1ezjl7q+XmRPiMYZF5HTjjnNKBIpKfT6gOEWWF1LY24fL1agilh1L:NlNG+XmRPiMMTIfT6gOEWWyfLZiD1

Score
10/10

Malware Config

Extracted

Family

cobaltstrike

C2

http://sev.anqjqirc.cc:443/Demo/blank/HY293MB1

Attributes
  • user_agent

    Accept: application/json, application/xhtml+xml, image/*
    Accept-Language: es-sv
    Accept-Encoding: identity, *
    User-Agent: Mozilla/5.0 (Windows NT 6.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36
    Host: sev.anqjqirc.cc

Signatures

  • Cobaltstrike family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 5f9c18be2f99a514f0e9f77082060c9435e48cffaa9192fd76c6e95aa88c840a
    .exe windows:6 windows x64 arch:x64

    9cbefe68f395e67356e2a5d8d1b285c0

