General
-
Target
95aaade34593c916bc5bd69742e3d5175da0ce2c1f5e40fb3369e94fa8320f73
-
Size
1.4MB
-
Sample
240530-rt7tbsbf4x
-
MD5
ab65b6249a99304781c9fb4b21a9870e
-
SHA1
d1afadcc09c5e20ee4b4b1e4662827536f9c8c9a
-
SHA256
95aaade34593c916bc5bd69742e3d5175da0ce2c1f5e40fb3369e94fa8320f73
-
SHA512
2721210b427f0bdf583daddccdf44aa39494a710e47fee872a5af63d7864acd3fb1dc76b239c499bb0b8a28a375fb8be34a878034f9e20caaa4371fa02af97d2
-
SSDEEP
24576:uEN3WasoCuK/0thNpT0IFk8j7jUZCGX/QLYgyFoNslvb1:uE4o5CahNpT0x8/yC6+YgyeNGvb1
Static task
static1
Behavioral task
behavioral1
Sample
95aaade34593c916bc5bd69742e3d5175da0ce2c1f5e40fb3369e94fa8320f73.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
95aaade34593c916bc5bd69742e3d5175da0ce2c1f5e40fb3369e94fa8320f73.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
cobaltstrike
http://8.130.123.131:11001/_/rp/FTmJMkisSOAwXdvbYo-M3c6924I.br.js
-
user_agent
Accept: */* Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 4.0; Trident/4.0)
Targets
Target
95aaade34593c916bc5bd69742e3d5175da0ce2c1f5e40fb3369e94fa8320f73
Score 10/10
-
Modifies Installed Components in the registry
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-