General
Target: svhost.exe
Size: 7.3MB
Sample: 240330-nwwmaseh24
MD5: b39ae0e7f783d83b1349b2367350cb27
SHA1: 2fe26faaadb7bbe6e7b9cac9ecee053cb82685ce
SHA256: 8eb3617768ce4693b726bb8187e5cccea3359de0196d6f2bbe555c31f12d1234
SHA512: 24fb8ec717e1c2a712db52a737eaa6f9f16c5aa6835ff51f72f33327d06945aa3b1d0f110dcd40d5c195b8647769a9d1d8832d057bca8cca3887e6e4674a1089
SSDEEP: 196608:EcLaAXDHqv/L2VmnTNfwZHYYaSEcytbOOhU:9xDKXL2VmnBkPQbO
Behavioral task: behavioral1
Sample: svhost.exe
Resource: win7-20240319-en
Behavioral task: behavioral2
Sample: svhost.exe
Resource: win10v2004-20231215-en
Malware Config
Extracted
cobaltstrike
http://www.megtech.xyz:443/jquery-3.7.2.slim.min.js
user_agent:
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Host: www.megtech.xyz
Referer: http://www.megtech.xyz/
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko
Targets
Target: svhost.exe
Score: 10/10
Loads dropped DLL