Static task: static1

Behavioral task: behavioral1
Sample: 43fb4c1abaa3a8d79300fcc9eb12214a0b821ffe32f6389cd5e45ba5360e06aa.exe.dll
Resource: win7v20201028
windows7_x64
0 signatures
0 seconds

Behavioral task: behavioral2
Sample: 43fb4c1abaa3a8d79300fcc9eb12214a0b821ffe32f6389cd5e45ba5360e06aa.exe.dll
Resource: win10v20201028
windows10_x64
0 signatures
0 seconds

General
- Target: 4abd5dd8377e5810116f3665bd8d92f0.zip
- Size: 125KB
- MD5: 0d88f653d7e663779aa40f738626c3c3
- SHA1: faa0afa395b20cda8e66ffe8580cfff96925bb21
- SHA256: 0436aa3ca7a866433ad800a72ccf479f62e68d966d1363113b1a290fead72137
- SHA512: 2f5e6512e7a0eea830f5126ee43f381a6ec0cde8471edc8855fc15b02d0c6cd852fa0e3b4af376efe37e69e1f2f21a51178eac8172795b9676fbbf760291a46e
Score: 10/10

Malware Config
Extracted
Family: cobaltstrike
Attributes
- access_type: 0
- beacon_type: 0
- create_remote_thread: 0
- day: 0
- dns_idle: 0
- dns_sleep: 0
- host
- http_header1
- http_header2
- http_method1
- http_method2
- injection_process
- jitter: 0
- maxdns: 0
- month: 0
- pipe_name
- polling_time: 0
- port_number: 0
- proxy_password
- proxy_server
- proxy_username
- sc_process32
- sc_process64
- state_machine
- unknown1: 0
- unknown2
- unknown3: 0
- unknown4: 0
- unknown5: 0
- uri
- user_agent
- year: 0

Signatures
- Cobaltstrike family

Files
- 4abd5dd8377e5810116f3665bd8d92f0.zip.zip
  Password: infected
- 43fb4c1abaa3a8d79300fcc9eb12214a0b821ffe32f6389cd5e45ba5360e06aa.exe.dll windows x64