General
-
Target
7b9c13919a006396b8c60eeaa54bd5728ef70aa7b7890232f3752506243a3e66.exe
-
Size
678KB
-
Sample
240519-kn42xsba54
-
MD5
32a8cade2024195a71aeb1ebbd1c296f
-
SHA1
1bf81b3d50af85b2ec03151f07bf13788a34de41
-
SHA256
7b9c13919a006396b8c60eeaa54bd5728ef70aa7b7890232f3752506243a3e66
-
SHA512
fb34622f23803476ee6a023980226c58f68b58de68d9a92436ae3c0995c1231b6304526f130766429d8d87500b1a4a10d7920a72fc57949d3910626da3aa4269
-
SSDEEP
12288:BxYfcyrJIFmnFMiMUsbsJiMpxwttsykPN120+IB1JT:BxYfcyrJIFmnFMiMUsbsJiMpxwTsH120
Malware Config
Extracted
cobaltstrike
http://175.178.226.246:33333/icon2.png
-
user_agent
Host: bilibili.com Accept: application/xml;q=0.9,image/avif,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Cookie: token=TYGAelr7Vs8pYUEdf0pAKVf6BcqFCOPB;BIGipServerpool_9.29_5229=3314783417.22012.0000 User-Agent: Microsoft-CryptoAPI/10.0
Targets
-
-
Target
7b9c13919a006396b8c60eeaa54bd5728ef70aa7b7890232f3752506243a3e66.exe
-
Size
678KB
-
MD5
32a8cade2024195a71aeb1ebbd1c296f
-
SHA1
1bf81b3d50af85b2ec03151f07bf13788a34de41
-
SHA256
7b9c13919a006396b8c60eeaa54bd5728ef70aa7b7890232f3752506243a3e66
-
SHA512
fb34622f23803476ee6a023980226c58f68b58de68d9a92436ae3c0995c1231b6304526f130766429d8d87500b1a4a10d7920a72fc57949d3910626da3aa4269
-
SSDEEP
12288:BxYfcyrJIFmnFMiMUsbsJiMpxwttsykPN120+IB1JT:BxYfcyrJIFmnFMiMUsbsJiMpxwTsH120
Score10/10-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
-