Overview

overview

10

Static

static

3

2598a08f3e...f4.exe

windows7-x64

10

2598a08f3e...f4.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2598a08f3e6cd2e12e34862b1789637a3c511492ca792caa8078d27a891201f4

  • Size

    1.4MB

  • Sample

    241124-gwtpdaxmd1

  • MD5

    002b633a6fe2e1ed919665616c2e12ef

  • SHA1

    772e56d467281cdc8f4e9a7e8096a294c97b5104

  • SHA256

    2598a08f3e6cd2e12e34862b1789637a3c511492ca792caa8078d27a891201f4

  • SHA512

    efe8b4a08e1975f6b3d32584acba9db78fe286193c85594e8880f2337859318b78a5dea823256b7f69a220e897ae39d927cfdd15f9e0a509cc7245c133ed3597

  • SSDEEP

    24576:el7kg/YVtSaZzP7SKBdJKXSgvQqOCn8l0E0LICu5z1:MwgwVLZj7PbASgvn3n8l0E0LICu5z1

Score
10/10
cobaltstrikebackdoortrojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://60.204.238.168:9876/jquery-3.3.2.slim.min.js

Attributes
  • user_agent

    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Referer: http://code.jquery.com/ Accept-Encoding: gzip, deflate User-Agent: Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko

Targets

    • Target

      2598a08f3e6cd2e12e34862b1789637a3c511492ca792caa8078d27a891201f4

    • Size

      1.4MB

    • MD5

      002b633a6fe2e1ed919665616c2e12ef

    • SHA1

      772e56d467281cdc8f4e9a7e8096a294c97b5104

    • SHA256

      2598a08f3e6cd2e12e34862b1789637a3c511492ca792caa8078d27a891201f4

    • SHA512

      efe8b4a08e1975f6b3d32584acba9db78fe286193c85594e8880f2337859318b78a5dea823256b7f69a220e897ae39d927cfdd15f9e0a509cc7245c133ed3597

    • SSDEEP

      24576:el7kg/YVtSaZzP7SKBdJKXSgvQqOCn8l0E0LICu5z1:MwgwVLZj7PbASgvn3n8l0E0LICu5z1

    Score
    10/10
    cobaltstrikebackdoortrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks