General

  • Target

    4e3466454b98b41889251fedfc06be3c0f727fd93e950d9e9f375e342916698bN

  • Size

    289KB

  • Sample

    241002-w41vzszhjr

  • MD5

    09d928f7abf7defb56afcc7635bad890

  • SHA1

    68b4552d3efcb768f9b6e07807ea5e1c9f9fd1b2

  • SHA256

    4e3466454b98b41889251fedfc06be3c0f727fd93e950d9e9f375e342916698b

  • SHA512

    4fb8b7e4078b7ba01277e5d3e598c66832db3b0d1cbaa136f7a8402753a531c4081d51847a8b0799c19e176785db1c6e9cd22dea4c9cabc917aa6c2f6854c289

  • SSDEEP

    6144:Vdz1pUP9gVoRZrbTuSx0Rr3E0DMeMOd7x+RZ:jzf5oLbParEC0

Malware Config

Extracted

Family

cobaltstrike

Botnet

391144938

Attributes
  • beacon_type

    1024

  • host

    192.168.3.31

  • http_header1

    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==

  • http_header2

    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==

  • polling_time

    10000

  • port_number

    6666

  • sc_process32

    %windir%\syswow64\rundll32.exe

  • sc_process64

    %windir%\sysnative\rundll32.exe

  • state_machine

    MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCJL5Ce3n7xeQZh03mYK6Lo6yj2dRlhAn+70eMMtMkaLllvdHEjKLNPCGQt9AscIRYstpdNEHYq2A43PgJU4HHnB0kAnszl2nQEERuYzbS/Xllp8+JKryoQUyy55OQITjZoTZY1UV0iEXvV6mz2ePtNDQm1GBgdTuAtgUZLRj+I+wIDAQABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==

  • unknown1

    4096

  • unknown2

    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==

  • watermark

    391144938

Targets

MITRE ATT&CK Matrix

Tasks