General
-
Target
bc8c332dd98e9adf75adedcde9c87661d67376379277a26eb69338bc5513b882
-
Size
1.3MB
-
Sample
240414-wqxamsde5x
-
MD5
1d176fed00eea7f2cfbef7488485de88
-
SHA1
8f5f2c121db875c470f88236dc0b57d945ee33e0
-
SHA256
bc8c332dd98e9adf75adedcde9c87661d67376379277a26eb69338bc5513b882
-
SHA512
7b2e8ab4d870c440f45598ee4d5aab64092bd1df9dcb7c37bc08af84cde138c423d9d13fba769b473d0660e2221d14f9f64561f84bda107e120230fcdfc55bd4
-
SSDEEP
12288:GOiq/Re4nfpFAIAWEu00H1clm8yyy9fdhVN8ua79OxyVG2nc2a7h+i4ra:Qw/pFA6/nacxcxnU7h+f
Malware Config
Extracted
cobaltstrike
http://192.168.0.53:8899/jquery-3.3.2.slim.min.js
-
user_agent
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Referer: http://code.jquery.com/ Accept-Encoding: gzip, deflate User-Agent: Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko
Targets
-
-
Target
bc8c332dd98e9adf75adedcde9c87661d67376379277a26eb69338bc5513b882
-
Size
1.3MB
-
MD5
1d176fed00eea7f2cfbef7488485de88
-
SHA1
8f5f2c121db875c470f88236dc0b57d945ee33e0
-
SHA256
bc8c332dd98e9adf75adedcde9c87661d67376379277a26eb69338bc5513b882
-
SHA512
7b2e8ab4d870c440f45598ee4d5aab64092bd1df9dcb7c37bc08af84cde138c423d9d13fba769b473d0660e2221d14f9f64561f84bda107e120230fcdfc55bd4
-
SSDEEP
12288:GOiq/Re4nfpFAIAWEu00H1clm8yyy9fdhVN8ua79OxyVG2nc2a7h+i4ra:Qw/pFA6/nacxcxnU7h+f
Score10/10-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
-