General

  • Target

    0369aae744af340817f61c918c1ad0eaeb94546028c23c87d6003f1685f8981f

  • Size

    4.8MB

  • Sample

    240528-js2lxsch28

  • MD5

    a1ab3e4a3d86d139ec2cb8f6f7dbade5

  • SHA1

    8270de4c8ff3171e5eb2a2ec6b43eaab35919cad

  • SHA256

    0369aae744af340817f61c918c1ad0eaeb94546028c23c87d6003f1685f8981f

  • SHA512

    8aebc9320cd38e04b949d996ce86a28274d31598d7ac2de8a5588914b063dd678482f60da3adef42938821abec9d4c7b50c765ebfa0adc24059139c105463dc4

  • SSDEEP

    49152:rwQ6Jv0Hscx7iEZQKag7Awn3R1bUdOE85EDo+W2CjvG0IKg+4E0t:85SHs/E1AM3HrEuEM7DIBT

Malware Config

Extracted

Family

cobaltstrike

C2

http://update.winservers-network.com:8443/jquery-3.3.2.slim.min.js

Attributes
  • user_agent

    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
    Accept-Language: en-US,en;q=0.5
    Host: update.winservers-network.com
    Referer: https://cdn.winservers-network.com/
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko
