General
-
Target
20240923f4a3f6f96ce30d5a0890afb2816978cecobaltstrikepoetratsnatch
-
Size
20.2MB
-
Sample
240924-h3cvwayflg
-
MD5
f4a3f6f96ce30d5a0890afb2816978ce
-
SHA1
fcb74955b6cfb313a5a83452a0a520da956d0c5a
-
SHA256
7b47aa3bdda6bba0b01e90f6975bb2144463156d7d52ec612532fdc1a81eb283
-
SHA512
28db7bacf5eb531e1217e436ef925fd4b17144b95504d35acdba7fe90eba606c6310dc056607ac424fb18f43f9452a6de198460d4144dbd3d1b98404e4519fbb
-
SSDEEP
393216:ciotTxfD1/gzQnSegNPCQM2/psErTmlJhjePxnI:itz4zQnSxJCQHscmNePxn
Malware Config
Targets
-
-
Target
20240923f4a3f6f96ce30d5a0890afb2816978cecobaltstrikepoetratsnatch
-
Size
20.2MB
-
MD5
f4a3f6f96ce30d5a0890afb2816978ce
-
SHA1
fcb74955b6cfb313a5a83452a0a520da956d0c5a
-
SHA256
7b47aa3bdda6bba0b01e90f6975bb2144463156d7d52ec612532fdc1a81eb283
-
SHA512
28db7bacf5eb531e1217e436ef925fd4b17144b95504d35acdba7fe90eba606c6310dc056607ac424fb18f43f9452a6de198460d4144dbd3d1b98404e4519fbb
-
SSDEEP
393216:ciotTxfD1/gzQnSegNPCQM2/psErTmlJhjePxnI:itz4zQnSxJCQHscmNePxn
Score10/10-
An open source browser data exporter written in golang.
-
HackBrowserData
An open source golang web browser extractor.
-
Executes dropped EXE
-
Looks up external IP address via web service
Uses a legitimate IP lookup service to find the infected system's external IP.
-
Suspicious use of SetThreadContext
-