General
-
Target
tcp.exe
-
Size
281KB
-
Sample
240917-jrgkcsscmc
-
MD5
2ed1a0c133119462762b51992a94b14b
-
SHA1
6823245d60fb14a67ddf88089a63e0b13069ef2e
-
SHA256
956145b09b907ecbf4063ad62328aecbb87ff2c244e21744ea850da260340f8f
-
SHA512
e03d288c01063deb1a46d367620887a8671b6f681a512322b51508c65449d48edc9b77f034197f5112b0aca914c827cf3f841f6a2adb348328e59c24b9662608
-
SSDEEP
6144:lCjS12joqVHARC/UtB2XP41+zog2e4n14asEz0Ug:cS1QJxvesA1Fe4n14LEzXg
Static task
static1
Behavioral task
behavioral1
Sample
tcp.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
tcp.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
cobaltstrike
1234567890
-
beacon_type
4096
-
http_header1
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
http_header2
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
polling_time
10000
-
port_number
4444
-
sc_process32
%windir%\syswow64\rundll32.exe
-
sc_process64
%windir%\sysnative\rundll32.exe
-
state_machine
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCIAEw66xXjTaepQFzz07dWBCjlHGakozP7Zy3n/v+0PbBcDyexo5RNcaXSJGeOurQSDplNgpZwAAMKAg08dEFVnAXovqZzjq2gOmLq+IbTZV+m/0FEdztkt5tlICBInxHzcMoMmKv957nfm+1r3bSGgDtxgQfYty+cmdKQvWJS+QIDAQABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
unknown1
4096
-
unknown2
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==
-
watermark
1234567890
Extracted
cobaltstrike
0
-
watermark
0
Targets
-
-
Target
tcp.exe
-
Size
281KB
-
MD5
2ed1a0c133119462762b51992a94b14b
-
SHA1
6823245d60fb14a67ddf88089a63e0b13069ef2e
-
SHA256
956145b09b907ecbf4063ad62328aecbb87ff2c244e21744ea850da260340f8f
-
SHA512
e03d288c01063deb1a46d367620887a8671b6f681a512322b51508c65449d48edc9b77f034197f5112b0aca914c827cf3f841f6a2adb348328e59c24b9662608
-
SSDEEP
6144:lCjS12joqVHARC/UtB2XP41+zog2e4n14asEz0Ug:cS1QJxvesA1Fe4n14LEzXg
Score 10/10