General
-
Target
90f6da27de20b69086e94268c03f7a9f99f3695f38a09881ba034b5613e0e262
-
Size
1.2MB
-
Sample
240325-cgybssga3z
-
MD5
255155afa92c39dc303471430641e9b5
-
SHA1
6a2e66fbd312370ca299b5607ddb0696013a6aee
-
SHA256
90f6da27de20b69086e94268c03f7a9f99f3695f38a09881ba034b5613e0e262
-
SHA512
98cfa27ee2b96a7df11cfe312cf81efd38c8bb5487ea2ce5ee5fcfa923419bd5a15061f167a923909cea8bd45b30bbd946a3b11b0b5c674d90c70d47162a898e
-
SSDEEP
24576:YjrOT0IpR1B+I60mc3TfDgwkIfGFwZV9B675fcF6u:AqxpRd626
Static task
static1
Behavioral task
behavioral1
Sample
90f6da27de20b69086e94268c03f7a9f99f3695f38a09881ba034b5613e0e262.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
90f6da27de20b69086e94268c03f7a9f99f3695f38a09881ba034b5613e0e262.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted (Cobalt Strike beacon configuration; note that the C2 host below, api.googletagmauager.com, is a look-alike of googletagmanager.com with the "n" replaced by "u", and the request path imitates a jQuery CDN file — treat it as malicious infrastructure, not Google traffic, when reviewing proxy or DNS logs)
cobaltstrike
100000000
http://api.googletagmauager.com:443/js/jquery-3.3.1.min.js
-
access_type
512
-
beacon_type
2048
-
host
api.googletagmauager.com,/js/jquery-3.3.1.min.js
-
http_header1
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
-
http_header2
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
-
http_method1
GET
-
http_method2
POST
-
jitter
15360
-
polling_time
12000
-
port_number
443
-
sc_process32
%windir%\syswow64\dllhost.exe
-
sc_process64
%windir%\sysnative\dllhost.exe
-
state_machine
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDiq8Z3ZIWxdHswMw0xajkaJ2e+dQfrS7bYFyELbcc9MFlaKa9CZr5AKtDtawA/dcT3wfnXpW8PYhFX4nn+18mvfQYmUZns/cdAeGMNCcJw7tMR4HvwolOStcqgsItPH0tMWFw1k+okTzng0m3CUaLzvmohMGPBCKdzGC2vC5mAvwIDAQABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
unknown1
4.201256192e+09 (an integer field rendered in floating-point notation; likely 4201256192)
-
unknown2
AAAABAAAAAEAAAXyAAAAAgAAD7AAAAADAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
uri
/ajax/js/
-
user_agent
User-Agent, Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_0) AppleWebKit/535.11 (KHTML, like Gecko) Chrome/17.0.963.56 Safari/535.11 (an obsolete browser/OS combination for a Windows host, which makes this string a useful detection pivot alongside the C2 hostname)
-
watermark
100000000
Targets
-
-
Target
90f6da27de20b69086e94268c03f7a9f99f3695f38a09881ba034b5613e0e262
-
Size
1.2MB
-
MD5
255155afa92c39dc303471430641e9b5
-
SHA1
6a2e66fbd312370ca299b5607ddb0696013a6aee
-
SHA256
90f6da27de20b69086e94268c03f7a9f99f3695f38a09881ba034b5613e0e262
-
SHA512
98cfa27ee2b96a7df11cfe312cf81efd38c8bb5487ea2ce5ee5fcfa923419bd5a15061f167a923909cea8bd45b30bbd946a3b11b0b5c674d90c70d47162a898e
-
SSDEEP
24576:YjrOT0IpR1B+I60mc3TfDgwkIfGFwZV9B675fcF6u:AqxpRd626
Score 10/10 -