cobaltstrike | 89deb42ce8627126769e072cfeee490ec71cb980e311bec2664cc58cd33c4b5f | Triage

Submit
Reports

Overview

overview

Static

static

s.bat

windows7_x64

1

s.bat

windows10_x64

Resubmissions

04-11-2021 15:43

211104-s5xyyaghf7 10

04-11-2021 15:05

211104-sf9w7sghb7 10

Sharing

General

Target

flaw.zip
Size

2KB
Sample

211104-sf9w7sghb7
MD5

eada2200264d2f7049a6565657572411
SHA1

364d2f1616eb714004fe1b3dcc6f45b83e559697
SHA256

89deb42ce8627126769e072cfeee490ec71cb980e311bec2664cc58cd33c4b5f
SHA512

577695e37dc5144c00bf56c4ff75f2e3b5336c8b2720d751459d09e64e5af3a2f6cd6d6b28c398c276c676b1bd5277be9a1665b9d07e2ddc2a157734172d6e11

Score

10^/10

cobaltstrike flawedgracerat reflectivegnome backdoor downloader loader persistence rat trojan

Static task

static1

downloader reflectivegnome

Behavioral task

behavioral1

Sample

s.bat

Resource

win7-en-20210920

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

s.bat

Resource

win10-en-20211014

cobaltstrike flawedgracerat backdoor loader persistence rat trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  s.bat
- Size
  
  88B
- MD5
  
  d69a52a259d3ed368cb3133745839e8b
- SHA1
  
  601a7608e6fc25fee199eed858f97748a308f2ff
- SHA256
  
  db4e4564fece5cd02bc4278237b09fe674e91d0f2b73e7f5cfb3a29471f192e7
- SHA512
  
  5159241ad07b297e500b83d9874eb001fe149d6819e123d1d32b3364a9f55830539abd98a8256b747054f238c1869560144521a1d6b05970a1e38f63527a9715
Score

10^/10

cobaltstrike flawedgracerat backdoor loader persistence rat trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
- FlawedGraceRAT
  FlawedGrace is a full-featured RAT written in C++.
  rat flawedgracerat
- Registers COM server for autorun
  persistence
- FlawedGraceRat Backdoor
  Detects FlawedGraceRat x64 backdoor in memory.
  backdoor
- FlawedGraceRat Loader
  Detects FlawedGraceRat x64 loader in memory.
  loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

downloaderreflectivegnome

behavioral1

behavioral2

cobaltstrikeflawedgraceratbackdoorloaderpersistencerattrojan

© 2018-2024

Terms | Privacy