Overview

overview

10

Static

static

tmp.exe

windows7_x64

10

tmp.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    tmp

  • Size

    4KB

  • Sample

    220711-tgzcjadae2

  • MD5

    8fe01532bfa9803f1a9b174289c2cbbc

  • SHA1

    12f3de03fdeabbfa3ea172e25d2ca85afc4d956e

  • SHA256

    c77a81cb616c168644f35396fa8b7f64b7802f1db7e07e3d6a361471d424642d

  • SHA512

    8cad26b7f02c7a4b5536db8eb287ce89853ed76c4a94c009019d2ef4334468ee6df9ccf968baa60ebc0dbdbc25407c4852ab32cca96e465148baac7f76b49125

Score
10/10
cobaltstrikebackdoorsuricatatrojan

Malware Config

Targets

    • Target

      tmp

    • Size

      4KB

    • MD5

      8fe01532bfa9803f1a9b174289c2cbbc

    • SHA1

      12f3de03fdeabbfa3ea172e25d2ca85afc4d956e

    • SHA256

      c77a81cb616c168644f35396fa8b7f64b7802f1db7e07e3d6a361471d424642d

    • SHA512

      8cad26b7f02c7a4b5536db8eb287ce89853ed76c4a94c009019d2ef4334468ee6df9ccf968baa60ebc0dbdbc25407c4852ab32cca96e465148baac7f76b49125

    Score
    10/10
    cobaltstrikebackdoorsuricatatrojan

    • Cobaltstrike

      Detected malicious payload which is part of Cobaltstrike.

      trojanbackdoorcobaltstrike

    • suricata: ET MALWARE Possible Metasploit Payload Common Construct Bind_API (from server)

      suricata: ET MALWARE Possible Metasploit Payload Common Construct Bind_API (from server)

      suricata
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks