General

  • Target

    cobalt2.zip

  • Size

    2KB

  • Sample

    220716-l3q92sbgfp

  • MD5

    c10c92f3f091ded1eaa79c6813f558ba

  • SHA1

    30c0359321586703f941984c7e6bc2f0c7f4af86

  • SHA256

    9df082131558420cde6a0c93a61c235728f49de184549260f0a3596337c07bf5

  • SHA512

    d1f79dcb43c19b9e1918c9abd0d0f7e0270615e797c5b1e7980d61d2716129191792934ef169b3c050cea52bfab1166429f5c6eeccee11c362f08f37248f39ab

Score
10/10

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://widisusez.com:443/design/sources/BP2NKQRYF2NI

Targets

    • Target

      cobalt2.ps1

    • Size

      3KB

    • MD5

      5816bf8947b292fd5837d340fae832d0

    • SHA1

      030b8d8abf08be5d099d8a522d3011963fd84246

    • SHA256

      b9dc6cb759631733b4911dff24e61a73d56e47e01d218c7f219b2811cb93e249

    • SHA512

      3968e37b2156ffa1f02681d117719670084bf1444dd09e65d2da62ae8740b1c3d040cbbf0c05c6596e281d564ebb0d392e64b644482ef49764abd7b85fd87370

    Score
    8/10
    • Blocklisted process makes network request
