General

  • Target

    8b90f3fa17d61e33e4ff924ebed4670dfc6f7ad08b13c3bfcc2f95499f407100

  • Size

    9KB

  • Sample

    241123-rl3jmswnc1

  • MD5

    dd7ddfb833ebe22f0e4236f2a8e3b92c

  • SHA1

    a2f6b0adcae42b0ff0b2b7554d12e43e22836f2f

  • SHA256

    8b90f3fa17d61e33e4ff924ebed4670dfc6f7ad08b13c3bfcc2f95499f407100

  • SHA512

    77cbdfe2a22be8e59ef6e818f4cabbad3320b75a1bf8a117f526961dbfc9f91d6c974db6d470ae0ab84bbab66a95b5d119c665bb5a6d5f9bfbdf1eb6a85e99b9

  • SSDEEP

    192:ARqd3PcxUjboo4DQDtU0qo+h0hobjsQWTLBV6Z9wqWky:PbjboowQi0q0hobjVWXBkZzy

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.253.207:443/4sHn

Attributes

  • user_agent

    User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)

Targets

    • Cobaltstrike

      Detected malicious payload which is part of Cobaltstrike.

    • Cobaltstrike family

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
