General

  • Target

    a9579b5d3ba68d169058d43b9b9d033897d2e51aceb26f76aa2a250ca337b4e4.exe

  • Size

    798KB

  • Sample

    240725-frqaqazgkl

  • MD5

    999091666dbf12a924835e3720ebec86

  • SHA1

    9491aad3811e00ddf091722397e2506d24fd6946

  • SHA256

    a9579b5d3ba68d169058d43b9b9d033897d2e51aceb26f76aa2a250ca337b4e4

  • SHA512

    05cb1122bc8ec505fd67e9a19eab34404ac872217f21b61266a5ead09b605d9b9dbd719baa8c3c502a92ab4b12275b5f4dabe92e775bc6fedd7bec40d0a10461

  • SSDEEP

    6144:YtqXvTUgaSp+vn8A7NFEooGkvgvGeLaAibwzo9lvKkkKz1eWDwCErbkxYMCrYOPp:8qfTbmn8yNFESk4vZ412tPoTPeb

Malware Config

Extracted

Family

cobaltstrike

C2

http://150.158.75.38:19111/bangumi/play/ep816608

Attributes

  • user_agent

    Host: www.bilibili.com
    Accept: application/xml;q=0.9,image/avif,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
    Cookie: token=TYGAelr7Vs8pYUEdf0pAKVf6BcqFCOPB;BIGipServerpool_9.29_5229=3314783417.22012.0000
    User-Agent: Microsoft-CryptoAPI/10.0

Targets

    • Target

      a9579b5d3ba68d169058d43b9b9d033897d2e51aceb26f76aa2a250ca337b4e4.exe

MITRE ATT&CK Matrix

Tasks