General

  • Target

    2f923905cad8e0474bf8e55ad230f11f109ed9f3a3506d9dd1563f6569776315

  • Size

    3.6MB

  • MD5

    9babf7bdc26ec39dd3c030e1c95a5600

  • SHA1

    2cd95ae55cf35c58c62ae225fba1ccd58820728a

  • SHA256

    2f923905cad8e0474bf8e55ad230f11f109ed9f3a3506d9dd1563f6569776315

  • SHA512

    11aa7959b908946d4a177fdc7fd8d0994e0c4e67ec3c201c95509dc93880cfd94cf9578a53756d2d4bc24110776d12a9f313cb9671740438985910e3f945175a

  • SSDEEP

    49152:NDkLInQ3L4Gdrb/T0vO90d7HjmAFd4A64nsfJWsVi+ikLHShGi3d5EhnDSgO2CJ7:w3L4dsVjin3zEhRDTY25UOUN

Score
10/10

Malware Config

Extracted

Family

cobaltstrike

C2

http://140.82.62.8:14221/jquery-3.3.2.slim.min.js

Attributes
  • user_agent

    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
    Accept-Language: en-US,en;q=0.5
    Referer: http://code.jquery.com/
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.114 Safari/537.36

Signatures

  • Cobaltstrike family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2f923905cad8e0474bf8e55ad230f11f109ed9f3a3506d9dd1563f6569776315
    .exe windows:6 windows x64 arch:x64

    f0ea7b7844bbc5bfa9bb32efdcea957c

