Overview

overview

10

Static

static

1cf5710e50...d9.dll

windows7_x64

10

1cf5710e50...d9.dll

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    1cf5710e500a423b84b51fa3afdd923fe0a8255c5817d3238175623e2ebbfad9

  • Size

    688KB

  • Sample

    201212-5gtnps32px

  • MD5

    a91bf61cc18705be2288a0f6f125068f

  • SHA1

    d535de08875cef1c49bfa2532281fa1254a8cb93

  • SHA256

    1cf5710e500a423b84b51fa3afdd923fe0a8255c5817d3238175623e2ebbfad9

  • SHA512

    a7c9a05f0d1a2b868ec608ac4dc116fd79fb36728bc4f371e9eab3cadb869b6ac53dd97cbf64a7d18ce237430cdd08f64ebab7b68ac39f3bf486d772be3a96dc

Score
10/10
cobaltstrikebackdoortrojan

Malware Config

Targets

    • Target

      1cf5710e500a423b84b51fa3afdd923fe0a8255c5817d3238175623e2ebbfad9

    • Size

      688KB

    • MD5

      a91bf61cc18705be2288a0f6f125068f

    • SHA1

      d535de08875cef1c49bfa2532281fa1254a8cb93

    • SHA256

      1cf5710e500a423b84b51fa3afdd923fe0a8255c5817d3238175623e2ebbfad9

    • SHA512

      a7c9a05f0d1a2b868ec608ac4dc116fd79fb36728bc4f371e9eab3cadb869b6ac53dd97cbf64a7d18ce237430cdd08f64ebab7b68ac39f3bf486d772be3a96dc

    Score
    10/10
    cobaltstrikebackdoortrojan

    • Cobaltstrike

      Detected malicious payload which is part of Cobaltstrike.

      trojanbackdoorcobaltstrike

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

1
T1130

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks