General
-
Target
4ee0dcbf8589a695e799415b946f57b74d067e6ba65670859f6f44481a67e909
-
Size
1.0MB
-
Sample
240614-e8gjgayhkp
-
MD5
5067d6c299ff81f49ef6a80f1dd6cc5a
-
SHA1
0eb5f9971886f98fb29573ac5add21a7941166d4
-
SHA256
4ee0dcbf8589a695e799415b946f57b74d067e6ba65670859f6f44481a67e909
-
SHA512
6b9e69216f7199ccb6384e2f04bd4074684e49f7d0fb761bf27371cd0216fc0e294574f99547a75cf04015ec98d4d0a9755adac7ffbb05a6a3edd94437990e4e
-
SSDEEP
12288:VnMdbJB3o5bzs0Xqn49sZcVbTPRabcqxR04gLYbQSObomHK1:OK5bzZqnFWpTPUR04gLYxxmHK1
Malware Config
Extracted
cobaltstrike
http://192.168.202.61:80/jquery-3.3.2.slim.min.js
-
user_agent
Accept: text/html,application/xhtml,application/xml;q=0.9,*/*; Accept-Language: en-US,en;q=0.5 Referer: http://code.jquery.com/ Accept-Encoding: gzip, deflate User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Edg/119.0.0.0
Targets
-
-
Target
4ee0dcbf8589a695e799415b946f57b74d067e6ba65670859f6f44481a67e909
-
Size
1.0MB
-
MD5
5067d6c299ff81f49ef6a80f1dd6cc5a
-
SHA1
0eb5f9971886f98fb29573ac5add21a7941166d4
-
SHA256
4ee0dcbf8589a695e799415b946f57b74d067e6ba65670859f6f44481a67e909
-
SHA512
6b9e69216f7199ccb6384e2f04bd4074684e49f7d0fb761bf27371cd0216fc0e294574f99547a75cf04015ec98d4d0a9755adac7ffbb05a6a3edd94437990e4e
-
SSDEEP
12288:VnMdbJB3o5bzs0Xqn49sZcVbTPRabcqxR04gLYbQSObomHK1:OK5bzZqnFWpTPUR04gLYxxmHK1
Score10/10-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
-