General

  • Target

    9b28b96586db3c827fe6835c546500b1.bin

  • Size

    8KB

  • Sample

    240623-de9sgsxcmg

  • MD5

    008ebd5f6d7025dc04d0ba61dea042d6

  • SHA1

    2d42e4f11f490dcf98ed4c9a2a323eabd9449562

  • SHA256

    3525779d646f863b12e1f140b6ae62698c322fc587b4058206b2f8ce73671293

  • SHA512

    7bfbe7eeb2d74556c67a9188dae3992362d7a112eba32bd46739ebfad9bb8d02b1826a55806daa200f092b858f6f8a087f5b51025cb6f3d1d428e5a640db34f9

  • SSDEEP

    192:E9gWwF5lWGhGFd3CnmCSTbGYmOz+lmKiOmgeSNKo65g9KTIIR2ONo4kFu:Eq/5AOG/3ymCqbG1OJnwgXMHyxKu

Malware Config

Extracted

Family

cobaltstrike

C2

http://134.122.130.181:443/jquery-3.3.2.slim.min.js

Attributes
  • user_agent

    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
    Accept-Language: en-US,en;q=0.5
    Referer: http://code.jquery.com/
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko

Targets

    • Target

      2053d29472753919574285e6494b9c9fb6bf53ae1a8336fdb465d6486380ca77.exe

    • Size

      19KB

    • MD5

      9b28b96586db3c827fe6835c546500b1

    • SHA1

      fba446d9d4a82444e7c8d863259ccd2a0a298442

    • SHA256

      2053d29472753919574285e6494b9c9fb6bf53ae1a8336fdb465d6486380ca77

    • SHA512

      8cf6002b4a1b96a2c33c9b0a239795e2ac45f54d31d7a376f309088d727f3d3d6ad26920a55b2b765f137abdde41eca4e2a51d033c611e269240d40f0258a4e9

    • SSDEEP

      192:5V7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2XRnjqrzuWF8qa1Dojjgi:bqaCF31cix+Dc4zjIRnwFF46gi
