General
-
Target
e33be37031041d63c9148f694d303010cd6c676afc745cf57b592c09a39d16b5
-
Size
404KB
-
Sample
240523-epva8add4s
-
MD5
a1aa8bac8bed53718cd91c500447681d
-
SHA1
1489cdb5bdb06e41725830bcecf5d8a48cd9c2c1
-
SHA256
e33be37031041d63c9148f694d303010cd6c676afc745cf57b592c09a39d16b5
-
SHA512
71ec13fc9f67a4f08e8e95daf2680e9e324412fbe54979a45b0504d8808c00d60d8108f5b0f55d5042ad9093d1f249dff86d897a51d35644f780304416505209
-
SSDEEP
6144:gLMSGedckyztgKYlHRJ0Ipj5+A/TMa2By+jD90zhDLaPqRaE:gwNeyzyNH3Jd5+WyxCLaiv
Malware Config
Extracted
cobaltstrike
426352781
http://okow.windowsupdate.com:53/c/msdownload/update/others/2021/10/29136388_
-
access_type
512
-
beacon_type
256
-
dns_idle
7.82248471e+08
-
dns_sleep
3.89251072e+09
-
host
okow.windowsupdate.com,/c/msdownload/update/others/2021/10/29136388_
-
http_method1
GET
-
http_method2
POST
-
jitter
2560
-
maxdns
208
-
polling_time
60000
-
port_number
53
-
sc_process32
%windir%\syswow64\wusa.exe
-
sc_process64
%windir%\sysnative\wusa.exe
-
state_machine
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQClJ9UOnSC5TmS+v0k71C3Lrd/m0aOykNZc+KP2DdI/Ri/hRHkOB6Zt5eFQgj8Q5dQL6qbnKu92LWxoOLEyk9ErESU77R3PqMqtDdazMoZ0k+FguWFGgSzM7ndZqzFx8wq07g5v/MdsxjFsIg2ohBDz4iXW9TEf8T0b6bj6bfFvHQIDAQABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
unknown1
1.448416512e+09
-
watermark
426352781
Targets
-
-
Target
e33be37031041d63c9148f694d303010cd6c676afc745cf57b592c09a39d16b5
-
Size
404KB
-
MD5
a1aa8bac8bed53718cd91c500447681d
-
SHA1
1489cdb5bdb06e41725830bcecf5d8a48cd9c2c1
-
SHA256
e33be37031041d63c9148f694d303010cd6c676afc745cf57b592c09a39d16b5
-
SHA512
71ec13fc9f67a4f08e8e95daf2680e9e324412fbe54979a45b0504d8808c00d60d8108f5b0f55d5042ad9093d1f249dff86d897a51d35644f780304416505209
-
SSDEEP
6144:gLMSGedckyztgKYlHRJ0Ipj5+A/TMa2By+jD90zhDLaPqRaE:gwNeyzyNH3Jd5+WyxCLaiv
Score1/10 -