General

  • Target

    3763bb6d9f3a0325f44eae90c556859173167faa69827a191505e3b85faafe26

  • Size

    19KB

  • Sample

    240307-ly332sgg27

  • MD5

    8c4e4721a1de6a2e06f7d517ffe7dd38

  • SHA1

    43912246f956b80c41d24e82d29344ca7b866c6e

  • SHA256

    3763bb6d9f3a0325f44eae90c556859173167faa69827a191505e3b85faafe26

  • SHA512

    a24eeb8d2c24aa50caac95b4a95bc5635ec390f3b9c8fccb4dc07ceed2b224442a39a396f6e17d737f3c53c7cb0c2dbc0d4fe823246ff06dbf24e3b549568e54

  • SSDEEP

    192:oV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/20kp6WF8qa1Dojjgi:aqaCF31cix+Dc4zj8pjFF46gi

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.137.128:9991/jPLW

Attributes
  • user_agent

    User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; InfoPath.2; .NET4.0C; .NET4.0E)
