General

  • Target

    b6cc660bd00cb2c7004e467ee3728b6e

  • Size

    1.1MB

  • Sample

    240306-hs9f4adf8x

  • MD5

    b6cc660bd00cb2c7004e467ee3728b6e

  • SHA1

    e42124403742b314960ee5fbb6024cac5b739708

  • SHA256

    f1fb15564238b90937142fb6139437bb525063b68a5662d9806f9c122e186582

  • SHA512

    f71b4ba85532cafee5e690a18b2d3fa15cd81da866ae19fc4e7c282d43ed8bd3320d7be578c6ceb26cbfffed02309e8e17720bdc15c01e6ba32980961dd7a8d0

  • SSDEEP

    24576:knP+TUL8iDdW7tyVtRZtGOGWWBHClnpib+SdfbEakJLV:kP+gLXGtqRZtGOeilnp4+0bEayL

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.111.3:80/FKic

192.168.111.3 is an RFC 1918 private address, so this beacon was built against a lab or internal team server; treat the URL as evidence of the C2 profile, not as an externally routable network indicator.

Attributes
  • user_agent

    User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)
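The two config fields above are all the page extracts, and on their own they are easy to misuse: the User-Agent is a stock IE9 string that also appears in legitimate traffic, and the C2 host is private. The script below is an added example (not part of the original report or of any sandbox tooling) showing how to turn the pair into graded matches over proxy logs. It normalises the C2 URL, flags the private host, applies the Metasploit/Cobalt Strike checksum8 test to the staging URI (92 for x86, 93 for x64) and scores each log line by whether host+path, the User-Agent, or both match. The log format and the log lines are constructed for the example.

```python
import ipaddress
import re
from urllib.parse import urlparse

# Beacon config fields extracted in the report above (the only two the page gives).
C2_URL = "http://192.168.111.3:80/FKic"
USER_AGENT = "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)"


def checksum8(path):
    """Stager URI check inherited from Metasploit's reverse_http: sum of the
    path bytes (leading '/' dropped) modulo 256. Cobalt Strike staging URIs
    come out to 92 for x86 and 93 for x64."""
    return sum(path.lstrip("/").encode()) % 256


def parse_c2(url):
    """Normalise the C2 URL and note whether the host is a private address."""
    u = urlparse(url)
    host = u.hostname
    port = u.port or (443 if u.scheme == "https" else 80)
    try:
        private = ipaddress.ip_address(host).is_private
    except ValueError:          # a hostname rather than an IP literal
        private = False
    arch = {92: "x86", 93: "x64"}.get(checksum8(u.path))
    return {"host": host, "port": port, "path": u.path,
            "private": private, "stager_arch": arch}


# Constructed proxy log lines in a hypothetical format: time client method url "ua".
# They are not real traffic from the sample.
SAMPLE_LOG = """\
2024-03-06T10:12:01Z 10.0.0.21 GET http://192.168.111.3/FKic "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)"
2024-03-06T10:13:44Z 10.0.0.33 GET http://intranet.example/news "Mozilla/5.0 (Windows NT 10.0; Win64; x64) Chrome/122.0"
2024-03-06T10:14:02Z 10.0.0.40 GET http://192.168.111.3:80/FKic "curl/8.6.0"
2024-03-06T10:15:00Z 10.0.0.51 GET http://www.example.com/ "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)"
"""

LINE_RE = re.compile(r'^(\S+) (\S+) (\S+) (\S+) "([^"]*)"$')


def match_log(log_text, c2_url=C2_URL, user_agent=USER_AGENT):
    """Return (time, client, confidence) for lines touching the extracted C2.
    'high': host, port, path and User-Agent all match; 'medium': URL only;
    'low': User-Agent only (a stock IE9 string, so weak by itself)."""
    c2 = parse_c2(c2_url)
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue
        ts, client, _method, url, ua = m.groups()
        req = urlparse(url)
        req_port = req.port or (443 if req.scheme == "https" else 80)
        url_match = (req.hostname == c2["host"] and req_port == c2["port"]
                     and req.path == c2["path"])
        ua_match = ua == user_agent
        if url_match and ua_match:
            hits.append((ts, client, "high"))
        elif url_match:
            hits.append((ts, client, "medium"))
        elif ua_match:
            hits.append((ts, client, "low"))
    return hits


if __name__ == "__main__":
    info = parse_c2(C2_URL)
    print(f"C2 {info['host']}:{info['port']}{info['path']} "
          f"private={info['private']} stager_arch={info['stager_arch']}")
    for hit in match_log(SAMPLE_LOG):
        print(hit)
```

Run as-is and the script reports the C2 as private with an x64 staging URI (`/FKic` sums to 93), then yields one high, one medium and one low hit from the constructed log; the Chrome line matches nothing. Because the host is private, the high and medium hits are only meaningful inside the network that sandboxed or built this sample, which is the point of carrying the `private` flag through.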

Targets

    • Cobaltstrike

Detected a malicious payload that is part of Cobalt Strike; the extracted config above (C2 URL and User-Agent) comes from this payload.

    • UPX packed file

Detects executables packed with the open-source UPX packer or a modified UPX variant. The hashes listed for this sample are of the packed file: if `upx -d` refuses to unpack it, the UPX header has been modified and the inner payload has to be recovered from memory instead.
