General

  • Target: 57ae49e4d308ac50d1b5387ebc360ef1b56e759fe6307b89ef4c3cae56bc5e9b
  • Size: 407KB
  • Sample: 241107-dp72mstkaw
  • MD5: d580bf652eb4024d6208731f482546a3
  • SHA1: e732648e5d54f07ac9ebb7fa4f02f1e99949a37b
  • SHA256: 57ae49e4d308ac50d1b5387ebc360ef1b56e759fe6307b89ef4c3cae56bc5e9b
  • SHA512: 32f36c3282fd6b7f1f3b81d3be3a131e84a82a6391a1c39ab5d7aae72ba83f2c26629972a0be3671f3e75a741c7699df2f95dbe04020dff3806df9dc18211939
  • SSDEEP: 6144:tiiP+ODzH42IiXhTAoUFrpwcjIvS5IBaMw4qZb+s194Q:tiiP+ODzH42IiXhTA0eIBaMRc+s1

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.150.128:8080/signin

Attributes

  • user_agent: Connection: close Sec-Fetch-Site: same-origin Sec-Fetch-Mode: navigate Sec-Fetch-User: ?1 Sec-Detch-Dest: document User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 12_1_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Mobile/16C104

Targets

    • Target: 57ae49e4d308ac50d1b5387ebc360ef1b56e759fe6307b89ef4c3cae56bc5e9b
    • Size: 407KB
    • MD5: d580bf652eb4024d6208731f482546a3
    • SHA1: e732648e5d54f07ac9ebb7fa4f02f1e99949a37b
    • SHA256: 57ae49e4d308ac50d1b5387ebc360ef1b56e759fe6307b89ef4c3cae56bc5e9b
    • SHA512: 32f36c3282fd6b7f1f3b81d3be3a131e84a82a6391a1c39ab5d7aae72ba83f2c26629972a0be3671f3e75a741c7699df2f95dbe04020dff3806df9dc18211939
    • SSDEEP: 6144:tiiP+ODzH42IiXhTAoUFrpwcjIvS5IBaMw4qZb+s194Q:tiiP+ODzH42IiXhTA0eIBaMRc+s1

MITRE ATT&CK Matrix

Tasks