Sample

Metadata

SHA256: 2299ff9c7e5995333691f3e68373ebbb036aa619acd61cbea6c5210490699bb6
Difficulty: medium
Platform: Windows
Tags: apt, js, kopiluwak, macro, office, turla, vba
Submitter: struppigel

Analysis

Goal

Create a C2 extractor using a Python script, a binary refinery pipeline or a CyberChef recipe.

Description

This file consists of several layers. Unpack them all until you reach the backdoor. Then extract the C2 URL.
The decryption of each layer is relatively straightforward.

Recommended Tools

astexplorer, binary refinery, oletools

Solutions

No solutions available yet.
