General
-
Target
acbd388e4386386eda3683ff89d59ef46c97f6ee62ad635e15315b0f31a4b0d2.zip
-
Size
127KB
-
Sample
240731-y3khqawcrc
-
MD5
d2ac98cd034cbf15c96861e2b9f74853
-
SHA1
6daf38a857e8c0a4d2ef2c2b978dcd05e5c0d40e
-
SHA256
f07b0bacb553325e4733c431899f722eaa707f09c3dd2aa762d989f5664c4f05
-
SHA512
7458041635badea7d32d84ddb84c13e88046dc78af9847e24d8fcfc006f4702ab502954028d19d767465fa44dc04d2691e8214dba333a7ad45ed4f98fcaf5b82
-
SSDEEP
3072:3vkk6J/fMgXTEPE48DDaO6uX84jsNCGms4jYhLwYE9Wz:3snMgjH4nMX84jsEvLMFQIz
Behavioral task
behavioral1
Sample
acbd388e4386386eda3683ff89d59ef46c97f6ee62ad635e15315b0f31a4b0d2.dll
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
acbd388e4386386eda3683ff89d59ef46c97f6ee62ad635e15315b0f31a4b0d2.dll
Resource
win10v2004-20240730-en
Malware Config
Extracted
cobaltstrike
100000000
http://192.168.1.6:7893/g.pixel
-
access_type
512
-
host
192.168.1.6,/g.pixel
-
http_header1
AAAABwAAAAAAAAADAAAABgAAAAZDb29raWUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
-
http_header2
AAAACgAAACZDb250ZW50LVR5cGU6IGFwcGxpY2F0aW9uL29jdGV0LXN0cmVhbQAAAAcAAAAAAAAABQAAAAJpZAAAAAcAAAABAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
-
http_method1
GET
-
http_method2
POST
-
polling_time
60000
-
port_number
7893
-
sc_process32
%windir%\syswow64\rundll32.exe
-
sc_process64
%windir%\sysnative\rundll32.exe
-
state_machine
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCvC8dqkGvHNyHHB3zeX8FghV2kfQSgDCwtqbd6OywJ9xJXrVaebPTUnCwlhecudTz3wWEqhAHIoYe2Wi+iViWQixz4wKGM3u2/XP4JumYtX0h2XpPp5mWXfim413DqW1/a7Dr8F1kwyAea0y7jqNiAckfYSoyWv1Cz9t/K1hDKtwIDAQABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
unknown1
4096
-
unknown2
AAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
uri
/submit.php
-
user_agent
Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/14.0.835.163 Safari/535.1
-
watermark
100000000
Targets
-
-
Target
acbd388e4386386eda3683ff89d59ef46c97f6ee62ad635e15315b0f31a4b0d2
-
Size
260KB
-
MD5
37edfe606feecc1542943bdb323d1aec
-
SHA1
edc291ee05d3ef1c6c5f4148703bd6b5201ae970
-
SHA256
acbd388e4386386eda3683ff89d59ef46c97f6ee62ad635e15315b0f31a4b0d2
-
SHA512
b142ba309f594e08f32c83ca157c80f086035828afa55290afd6c7e2417b0e2697a196742db64c1bc781fb89cfa4d3d2ea450dcf77b2160634ffc99b72774071
-
SSDEEP
3072:ksYckn3Xzq4IDwSK2Mbn/gprBJwJNJsCwQTIfXouPruOOTRO9BQYJerCoC:ksYwjwIGIprBJweGTIDjhOTRIQ8h
Score 1/10