General
-
Target
2598a08f3e6cd2e12e34862b1789637a3c511492ca792caa8078d27a891201f4
-
Size
1.4MB
-
Sample
241124-gylrjstmdn
-
MD5
002b633a6fe2e1ed919665616c2e12ef
-
SHA1
772e56d467281cdc8f4e9a7e8096a294c97b5104
-
SHA256
2598a08f3e6cd2e12e34862b1789637a3c511492ca792caa8078d27a891201f4
-
SHA512
efe8b4a08e1975f6b3d32584acba9db78fe286193c85594e8880f2337859318b78a5dea823256b7f69a220e897ae39d927cfdd15f9e0a509cc7245c133ed3597
-
SSDEEP
24576:el7kg/YVtSaZzP7SKBdJKXSgvQqOCn8l0E0LICu5z1:MwgwVLZj7PbASgvn3n8l0E0LICu5z1
Malware Config
Extracted
cobaltstrike
http://60.204.238.168:9876/jquery-3.3.2.slim.min.js
-
user_agent
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Referer: http://code.jquery.com/ Accept-Encoding: gzip, deflate User-Agent: Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko
Targets
-
-
Target
2598a08f3e6cd2e12e34862b1789637a3c511492ca792caa8078d27a891201f4
-
Size
1.4MB
-
MD5
002b633a6fe2e1ed919665616c2e12ef
-
SHA1
772e56d467281cdc8f4e9a7e8096a294c97b5104
-
SHA256
2598a08f3e6cd2e12e34862b1789637a3c511492ca792caa8078d27a891201f4
-
SHA512
efe8b4a08e1975f6b3d32584acba9db78fe286193c85594e8880f2337859318b78a5dea823256b7f69a220e897ae39d927cfdd15f9e0a509cc7245c133ed3597
-
SSDEEP
24576:el7kg/YVtSaZzP7SKBdJKXSgvQqOCn8l0E0LICu5z1:MwgwVLZj7PbASgvn3n8l0E0LICu5z1
Score10/10-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
-
Cobaltstrike family
-