General
-
Target
http://185.74.222.145:64
-
Sample
231216-fyd62acae9
Score
10/10
Malware Config
Extracted
Family
cobaltstrike
C2
http://185.74.222.145:676/PPDy
http://185.74.222.145:676/y6Dj
Attributes
-
user_agent
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko
Targets
-
-
Target
http://185.74.222.145:64
Score10/10-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
-
Blocklisted process makes network request
-
Downloads MZ/PE file
-
Executes dropped EXE
-
Loads dropped DLL
-