Overview

overview

10

Static

static

data.exe

windows7_x64

10

data.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    data.exe

  • Size

    278KB

  • Sample

    210125-4nt6pbx182

  • MD5

    04d4a539df2194a467cbfda3e6644775

  • SHA1

    0da329537c48e05bd23c855873e3f78b97888256

  • SHA256

    2f8571d423e2af665fecf616c284491982acd4d3ab59a4ceb0790fa713266376

  • SHA512

    340ebc98236ec6bbfa3087c3960a64c8e0d51edb33dda4f5dfb9033c8eb39c69abba16eee0ffeee8d1fadb0212a7e5151472ee8ebec9dffdc21bab9f6b5701a0

Score
10/10
cobaltstrikebackdoortrojan

Malware Config

Extracted

Family

cobaltstrike

Attributes
  • beacon_type

    512

  • http_header1

    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==

  • http_header2

    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==

  • pipe_name

    \\.\pipe\rpc_5532

  • polling_time

    10000

  • port_number

    4444

  • sc_process32

    %windir%\syswow64\runonce.exe

  • sc_process64

    %windir%\sysnative\runonce.exe

  • state_machine

    MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2luHD+JbqvibQS5tPQIy9cb7lhK2ucKJMC8YzEwqq0xGKpZTGCge+I7+nqtk/ZzFtZZFNWVv2L77o9ZQ+y5Ayr/5yM5Q8sweoM1F196QP2jtsWArvVzAAaHXWAripKWk0Krj8faZQBW7wQZJ71F36hXQR/07FCFq1LwD/fzH8JwIDAQABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==

  • unknown1

    4096

  • unknown2

    AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==

Targets

    • Target

      data.exe

    • Size

      278KB

    • MD5

      04d4a539df2194a467cbfda3e6644775

    • SHA1

      0da329537c48e05bd23c855873e3f78b97888256

    • SHA256

      2f8571d423e2af665fecf616c284491982acd4d3ab59a4ceb0790fa713266376

    • SHA512

      340ebc98236ec6bbfa3087c3960a64c8e0d51edb33dda4f5dfb9033c8eb39c69abba16eee0ffeee8d1fadb0212a7e5151472ee8ebec9dffdc21bab9f6b5701a0

    Score
    10/10
    cobaltstrikebackdoortrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks