General

  • Target

    7945106126.zip

  • Size

    82.5MB

  • Sample

    220905-tbreqsbdfq

  • MD5

    3cef282c255795c782f4478d3fd4b37b

  • SHA1

    40fc869d7ae1cffb663c6afd83887df2d721b4f9

  • SHA256

    f9508e81f1ac31569646fde9e864e25212457ca62ac768e23fbb95c290950e99

  • SHA512

    415746a63b84a0aaa6b13e92549a4691187168f6b00a72b9147e413c76c5295bd4e42332fdc6e672d2f10789fdd85d43d21f7f3dff8bebd694e019bd01e60059

  • SSDEEP

    1572864:hWuxO/moG+xJDi+uqJgcGNAlfn9D7xDxnOW2qIrrSwTR+TPCvNcV9t/:hWKO/xD3uq8oVnxDxR2cwTcTKqV9t

Malware Config

Extracted

Family

cobaltstrike

Botnet

1580103824

C2

http://clippershipintl.com:443/safebrowsing/sj0IWAb/YhcZADXFB3NHbxFtKgpqBtK9BllJiGEL

Attributes
  • access_type

    512

  • beacon_type

    2048

  • host

    clippershipintl.com,/safebrowsing/sj0IWAb/YhcZADXFB3NHbxFtKgpqBtK9BllJiGEL

  • http_header1

  • http_header2

  • http_method1

    GET

  • http_method2

    POST

  • jitter

    10240

  • polling_time

    13000

  • port_number

    443

  • sc_process32

    %windir%\syswow64\WerFault.exe

  • sc_process64

    %windir%\sysnative\WerFault.exe

  • state_machine

    MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCnCZHWnYFqYB/6gJdkc4MPDTtBJ20nkEAd3tsY4tPKs8MV4yIjJb5CtlrbKHjzP1oD/1AQsj6EKlEMFIKtakLx5+VybrMYE+dDdkDteHmVX0AeFyw001FyQVlt1B+OSNPRscKI5sh1L/ZdwnrMy6S6nNbQ5N5hls6k2kgNO5nQ7QIDAQABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==

  • unknown1

    4096

  • unknown2

    AAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==

  • uri

    /safebrowsing/ngge/ouB3ZNRVgpN4hPOh0MEyV0gxkn0KKppxZqbFRay

  • user_agent

    Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.70 Safari/537.36 Edg/78.0.276.20

  • watermark

    1580103824
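The beacon settings above, decoded into indicators that can be checked against telemetry. This is an added example written for this page; it is not code from the Triage report, from the BLISTER samples, or from Cobalt Strike. It assumes three things not spelled out in the report: that the `state_machine` value is the beacon's RSA SubjectPublicKeyInfo blob (its DER prefix `MIGfMA0GCSqGSIb3DQEBAQUAA4GN...` is the standard header of a 1024-bit RSA public key, and the `AAAA...==` tail is zero padding); that `host` follows Cobalt Strike's C2Server format of comma-separated `host,/uri` pairs, so the parser handles several pairs even though this report lists one; and that `sc_process32`/`sc_process64`, which have the form of the beacon's spawnto_x86/spawnto_x64 settings, produce sacrificial WerFault.exe processes launched with no command-line arguments. That last point is a detection heuristic, not a fact from the report, and the process-creation events are constructed for the example.

```python
"""Decode the Cobalt Strike beacon settings listed above into checkable
indicators.  Added example; not the Triage report's own code."""
import base64

# Values copied from the "Attributes" list above.  The "AAAA...==" tail of
# state_machine (zero padding of the 256-byte setting) is omitted here.
BEACON = {
    "host": "clippershipintl.com,/safebrowsing/sj0IWAb/YhcZADXFB3NHbxFtKgpqBtK9BllJiGEL",
    "uri": "/safebrowsing/ngge/ouB3ZNRVgpN4hPOh0MEyV0gxkn0KKppxZqbFRay",
    "port_number": 443,
    "sc_process32": r"%windir%\syswow64\WerFault.exe",
    "sc_process64": r"%windir%\sysnative\WerFault.exe",
    "state_machine": (
        "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCnCZHWnYFqYB/6gJdkc4MPDTtB"
        "J20nkEAd3tsY4tPKs8MV4yIjJb5CtlrbKHjzP1oD/1AQsj6EKlEMFIKtakLx5+Vy"
        "brMYE+dDdkDteHmVX0AeFyw001FyQVlt1B+OSNPRscKI5sh1L/ZdwnrMy6S6nNbQ"
        "5N5hls6k2kgNO5nQ7QIDAQAB"
    ),
}

def der_tlv(buf, pos=0):
    """Read one DER tag-length-value at buf[pos]; return (tag, value, next_pos)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                       # long form: low 7 bits = byte count
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def der_children(body):
    """Split a constructed element's body into [(tag, value), ...]."""
    out, pos = [], 0
    while pos < len(body):
        tag, val, pos = der_tlv(body, pos)
        out.append((tag, val))
    return out

def decode_oid(raw):
    """OID contents octets to dotted form (base-128 arcs, MSB = continuation)."""
    arcs, acc = [raw[0] // 40, raw[0] % 40], 0
    for b in raw[1:]:
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(acc)
            acc = 0
    return ".".join(map(str, arcs))

def parse_rsa_spki(b64):
    """Parse a base64 SubjectPublicKeyInfo; return OID, modulus bits, exponent."""
    tag, spki, _ = der_tlv(base64.b64decode(b64))
    if tag != 0x30:
        raise ValueError("not a SEQUENCE")
    (alg_tag, alg), (bs_tag, bits) = der_children(spki)
    if alg_tag != 0x30 or bs_tag != 0x03 or bits[0] != 0:
        raise ValueError("unexpected SubjectPublicKeyInfo layout")
    oid = decode_oid(der_children(alg)[0][1])      # first child is the OID
    _, rsa, _ = der_tlv(bits, 1)                    # skip the unused-bits octet
    (_, n), (_, e) = der_children(rsa)              # RSAPublicKey ::= SEQUENCE { n, e }
    return {"oid": oid,
            "modulus_bits": int.from_bytes(n, "big").bit_length(),
            "exponent": int.from_bytes(e, "big")}

def c2_endpoints(cfg):
    """'host' is Cobalt Strike's C2Server string: comma-separated host,/uri pairs
    (GET channel); 'uri' is the POST channel path.  Returns host:port/path."""
    parts = cfg["host"].split(",")
    out = []
    for host, get_path in zip(parts[0::2], parts[1::2]):
        out.append(f"{host}:{cfg['port_number']}{get_path}")
        out.append(f"{host}:{cfg['port_number']}{cfg['uri']}")
    return out

def spawnto_hits(events, cfg):
    """Heuristic (an assumption, not from the report): a spawnto sacrificial
    process starts with the bare image path, while Windows Error Reporting
    starts WerFault.exe with -u/-p/-s style arguments.  Flag bare launches."""
    names = {p.rsplit("\\", 1)[-1].lower()
             for p in (cfg["sc_process32"], cfg["sc_process64"])}
    hits = []
    for ev in events:
        image = ev["image"]
        if image.rsplit("\\", 1)[-1].lower() not in names:
            continue
        if ev["cmdline"].strip().strip('"').lower() == image.lower():
            hits.append(ev)
    return hits

# Constructed process-creation events (not from the report).
SAMPLE_EVENTS = [
    {"pid": 4120, "image": r"C:\Windows\System32\WerFault.exe",
     "cmdline": r"C:\Windows\System32\WerFault.exe -u -p 2216 -s 1864"},
    {"pid": 5588, "image": r"C:\Windows\SysWOW64\WerFault.exe",
     "cmdline": r'"C:\Windows\SysWOW64\WerFault.exe"'},
]

if __name__ == "__main__":
    print(parse_rsa_spki(BEACON["state_machine"]))
    print(c2_endpoints(BEACON))
    print([ev["pid"] for ev in spawnto_hits(SAMPLE_EVENTS, BEACON)])
```

Running it reports the key as OID 1.2.840.113549.1.1.1 (rsaEncryption) with a 1024-bit modulus and exponent 65537, lists the GET and POST endpoints on clippershipintl.com:443, and flags only the argument-less WerFault.exe launch. The DER reader is deliberately minimal: it handles the short and long length forms that appear in this blob and nothing else, which is enough to avoid pulling in a crypto library just to confirm what the setting holds.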

Targets

    • Target

      a0cc60b4fa8f29f5410424687c8f3e60b7f7b63c632fb506d2a42be45264de0f

    • Size

      62KB

    • MD5

      bbf615854123beaa769de6ba35bc711b

    • SHA1

      8b3b697c0add54035309b23477ddf8d57b1631c3

    • SHA256

      a0cc60b4fa8f29f5410424687c8f3e60b7f7b63c632fb506d2a42be45264de0f

    • SHA512

      0ea858568307c9965c40594fd0a816eac0045b12108af7c9df4b16a82deede0a583de7148fb97f0d102d7140e6fbcbcc75e5f8ac26f11c6b0d4d72f697cb02d3

    • SSDEEP

      1536:Feesq+ubW/z4/PjoTkaPHT2eN9lfh5v/byJ:FtDbuWjXaPHT3NfZ5byJ

    Score
    3/10
    • Target

      a69cf4fa61217f8230e032089a8f56f7ebf31e4cd35124e6ad104db86851f17f

    • Size

      589KB

    • MD5

      f89d5185c912436e7c2b0ff037b55b0e

    • SHA1

      14da45680aa662216e87cc7d392cae8666c56cc9

    • SHA256

      a69cf4fa61217f8230e032089a8f56f7ebf31e4cd35124e6ad104db86851f17f

    • SHA512

      726415ccbbfecd8c58de96b7782208aedabcde2e8fc0eed73b7dc4cba914b250d909cc6d95d2c164967e1cabf8e58b82f26cee1d5aafb9281b3ed6ac84702714

    • SSDEEP

      12288:ijxthLTUxMF5Np0oLwEcMTXgdlGkPHQUoGDcm32W6G1Dv2G:uh3Ueb0cwxOEvF3r6w+G

    Score
    10/10
    • BLISTER

      BLISTER is a downloader used to deliver other malware families.

    • Detect Blister loader x64

    • Loads dropped DLL

    • Target

      a6dbbf3d861bcc796d59c88856aa1537ad9929bb48026eade107b1ab504dbf75

    • Size

      275KB

    • MD5

      2699d6901bf39ed2c81836e9171e90d8

    • SHA1

      a3a1d6435bd32be22c4a751f415cf87988171f71

    • SHA256

      a6dbbf3d861bcc796d59c88856aa1537ad9929bb48026eade107b1ab504dbf75

    • SHA512

      95257b9f31780f480824cb58b132628c65c4a0976328e0f3b3ea9d50bf0ce438e1b1d7ffb888da4f3a44e1fc1d981bdd3230f10a9842d8f426c671a45ab1417d

    • SSDEEP

      6144:XrjarNfw1eNQlaAQrJMKhEZ6JLi7sQcEEckscTi:7j31eal27lEsBDk

    Score
    7/10
    • Loads dropped DLL

    • Target

      a783bb9eddc40876a80504615a40e65649b910eeb0b5041ca7e8635d39b1d209

    • Size

      3.0MB

    • MD5

      40eb9bde74fea00ee1f2f4828c8045fe

    • SHA1

      8937335e51134bfc44580b6d86036724898b0bcf

    • SHA256

      a783bb9eddc40876a80504615a40e65649b910eeb0b5041ca7e8635d39b1d209

    • SHA512

      4865780df2cb52df703619177b4d6dad357dc9eecd78941e2057b4e11c83498e9027691cfc3ed0b5c66bfbd83a7805536465836453bc39ac2c8b45f66231c201

    • SSDEEP

      49152:t3XMPCONzTX+tH44VTZkMc+Jn/0IO2qaL+53OSlZyzpEf9041F+VmYo+9jX+jWkI:dCNNf6z8MHJ/0wi53DZUEfO41OmYoAj3

    Score
    10/10
    • BLISTER

      BLISTER is a downloader used to deliver other malware families.

    • Detect Blister loader x32

    • Loads dropped DLL

    • Target

      ac89e5c3ba69bb41f4bb4bb7f7af39514b5a211ec6b641d45408777b30c75c5a

    • Size

      572KB

    • MD5

      1ef4ef71230454934d759745e1e1240d

    • SHA1

      774012f2dd2f71d58b94faa83292503710eeb49c

    • SHA256

      ac89e5c3ba69bb41f4bb4bb7f7af39514b5a211ec6b641d45408777b30c75c5a

    • SHA512

      3445eacec6afe88214aa936ace0adec541d80c216886f3c99aa1053031a5a2eb57068c5e073e720e6db17d74ab3479a1fa49eb08e9a33feb358c1180db953098

    • SSDEEP

      12288:ojvtdyOr+WX4QbM9Vl9nlVgDlWkyRm30N9R:EjqAuy7ez

    Score
    10/10
    • BLISTER

      BLISTER is a downloader used to deliver other malware families.

    • Detect Blister loader x64

    • Loads dropped DLL

    • Target

      b6d4c3b56c0b12a12ff0e2baee3f46f4683f9e33a780c9631b61cf755eebc024

    • Size

      1.2MB

    • MD5

      78231d5e17cf43a5a92bfbe2bf65bef0

    • SHA1

      7a3522989f8df7d17943f8547f59daa1482a3be1

    • SHA256

      b6d4c3b56c0b12a12ff0e2baee3f46f4683f9e33a780c9631b61cf755eebc024

    • SHA512

      38868c3e6c0ed57e0543391fb0168a19adeaf47fa5b962e7865af0c8a9c1bc22ca4a43e9ab6ec5b3e6d1995d1dd520ed73438bac75872b7b3570e1cd35385f83

    • SSDEEP

      24576:jQ4ip8IriSd7C3DdYWHrM2y95o5kxI919BfQrXz7BOF:fIrriSyDLwFBxI9pf8noF

    Score
    3/10
    • Target

      b91eb833de386ea3d73d2954f0dce9fe38e4bf96594620af6c0935b9ee0d7e81

    • Size

      730KB

    • MD5

      fb22207876c27361a84dd83ebb73ad0b

    • SHA1

      7c9ec0647cf3dafba2e4e2d7f559cae1e92bbf57

    • SHA256

      b91eb833de386ea3d73d2954f0dce9fe38e4bf96594620af6c0935b9ee0d7e81

    • SHA512

      c8301e0e47ee3c3155ed5047328538a1f6a5b9de8c01b63d10efb5bfef16d2aa9b70f69a6c1dd6255b87e7b42c50af3a8a9d671e06d4d567ac8c9e4af8f8d013

    • SSDEEP

      12288:9sOol4XixHibVqWMl2Vm6d5cx4tpE3oDY1bDRwn87cLHQo4zLXBFG0r74YLtlh:9yniZqRud5ptpNiDyn4Z3XX7IOH

    Score
    10/10
    • BLISTER

      BLISTER is a downloader used to deliver other malware families.

    • Detect Blister loader x32

    • Loads dropped DLL

    • Target

      b959b003c1e558ff0ccf1d0f96509b155d6f86eb20caa97b470f3422494d8d74

    • Size

      1.4MB

    • MD5

      9dbbbe699a03f9a5b5fe9d9e820d36c2

    • SHA1

      5015b57d95cfacdd340d36f07076d886c3aa7e7e

    • SHA256

      b959b003c1e558ff0ccf1d0f96509b155d6f86eb20caa97b470f3422494d8d74

    • SHA512

      ed2cf8f02b79366d559dc439d062772d90f30559a680ceacab5fe764b26fc2b89704ee74f4a7a29877c087a69d85f517bb140d3efd7c01384f5750ccb5cc35ae

    • SSDEEP

      24576:D7JIUlsTxVks6Ci9BE/qdBlFE6WmV3T9NlC/ChMJJxFaQ7e3MyCn1GVkXoBv:PJxWAPh3F3JNliwQC83n6kE

    Score
    10/10
    • BLISTER

      BLISTER is a downloader used to deliver other malware families.

    • Detect Blister loader x32

    • Loads dropped DLL

    • Target

      ba8824a7c7b7db0f89d566719b6a2c0893158b37b5ac45dd138acbdf6d7e9d63

    • Size

      319KB

    • MD5

      fb1254fbffaa2c43968a9a9244161b48

    • SHA1

      5df4f1312886b071ce38efa442e67e64ecc0dd5c

    • SHA256

      ba8824a7c7b7db0f89d566719b6a2c0893158b37b5ac45dd138acbdf6d7e9d63

    • SHA512

      fde7690e679a30038e335c721d8cf2102221e90c1297ce13c5afb9014029252872c7ed5ddb27cf890a3a0a306add502fe77f06e9bbf6de5fd535916e71fe0ffa

    • SSDEEP

      6144:8WsOol4XijN1onpmZE8e94K4CBfsvhutda5cylYdce68BGiMtPtFbqB6A3P8/:9sOol4XiTonpWdK4B5hSHdce68BGVVFN

    Score
    7/10
    • Loads dropped DLL

    • Target

      c0f1ebcca8a8094853aa65210ddde80f6a9ffe7b3f2d75d5652b166722b3aa4a

    • Size

      695KB

    • MD5

      1fc7bfc48c95c47e06b59d795b6df6ca

    • SHA1

      2f2b5234734ecdc341572ab0cd0aa2c7df30a6da

    • SHA256

      c0f1ebcca8a8094853aa65210ddde80f6a9ffe7b3f2d75d5652b166722b3aa4a

    • SHA512

      9c70a20d66f74c4bb1c6837027b3bd3809bca7404c0d8899c90169f3da45e6a5265a9e0b4b11001a83f641f8118fd8412f64e7859cf281db813802b08e9c6ee3

    • SSDEEP

      12288:9sOol4XixHXc8cR8oxB5cD4w4k+WE97am7hA1RE1TcZVM7giqV2Ez38/CFtJlH/:9ynXHc9753w4ktSBA61ToM7giqhA/cH/

    Score
    10/10
    • BLISTER

      BLISTER is a downloader used to deliver other malware families.

    • Detect Blister loader x32

    • Loads dropped DLL

    • Target

      c3117be60ef780dc86581052b5e3f72969bef6471c7218e35beec60d167eb4ea

    • Size

      1.3MB

    • MD5

      dba747247bb951822f83787ecee99cef

    • SHA1

      263594a9735632dbbae539dff8bd413a92bfdf22

    • SHA256

      c3117be60ef780dc86581052b5e3f72969bef6471c7218e35beec60d167eb4ea

    • SHA512

      c51d91765c8de25572cfbb234c706ac9c47885453ee05ecf3eece236bec5d93505e3893beb4bbfeed9dc98dc970c8863d352c01991092d23a0746b0e5817628e

    • SSDEEP

      24576:cy8QxF2jYjw5eT9eD++nO18IUyLdqkFqGp8COdutaiGLpRmi+qGUPg:cwg4l9eD/OzbdFGlqGLdg

    Score
    10/10
    • BLISTER

      BLISTER is a downloader used to deliver other malware families.

    • Detect Blister loader x32

    • Loads dropped DLL

    • Target

      c492754e6c21e22732ad1188c511745a3eea064696dc7f351d66e3c92bd63cef

    • Size

      57KB

    • MD5

      965e509ec23296987d6886500439211c

    • SHA1

      5707cd83225a9abc81228d9379a6f786c5e40639

    • SHA256

      c492754e6c21e22732ad1188c511745a3eea064696dc7f351d66e3c92bd63cef

    • SHA512

      9a2a543237874d612aa3f8f151170798bd3edb8a9a11c4cdbdced0fa9cf119188894ac89f5121c701240d104d0a272ae1e1a51e86bd43ac98777fb8b6c0a592e

    • SSDEEP

      1536:Ceesq+ubW/z4/PjoTkaPHT2eN9lejebyE:CtDbuWjXaPHT3NfYebyE

    Score
    3/10
    • Target

      c9cc4d95ca1197328a743a41b09c2375d54ac97fcdde5e07bda660396710eccd

    • Size

      3.4MB

    • MD5

      61a5cbc68cc4f44373f088b68dc77551

    • SHA1

      a5901558d19fac101d8c11bb7a0a07cb2dd26bb5

    • SHA256

      c9cc4d95ca1197328a743a41b09c2375d54ac97fcdde5e07bda660396710eccd

    • SHA512

      e592e28a6e901030f1d3cba59a6ebe8dc1e6df51c3d3ca7e0344f627dd40e62f99ecf90270ce302962da128942a9aaf952483a52eb7b73b51f28f541bd46b6fc

    • SSDEEP

      98304:UWhQkBPK3tMxUYUZKM7ASJPoJQ8eTY3Tn/jkrmT0:UiQSNOzKM7ASJPX8eTwjkrV

    Score
    10/10
    • BLISTER

      BLISTER is a downloader used to deliver other malware families.

    • Detect Blister loader x32

    • Loads dropped DLL

    • Target

      ca4a22ce761737a04ebdba0fd8063a81642d7d96fea052c8debe9acf7791df20

    • Size

      3.4MB

    • MD5

      dc21a8a77238419f38f09d31ed3440b7

    • SHA1

      2a8f8431db1f03ede2c9b87eb4454b89cb0e9060

    • SHA256

      ca4a22ce761737a04ebdba0fd8063a81642d7d96fea052c8debe9acf7791df20

    • SHA512

      fddf7347f150c1908b252255dbc1a8dd254446747c4eaf7fd88eee3dc2cfdd35054d626b4e4bd7b9f74e2ff7c13d0079f4df04b5c7a8a30d712166fedfca1d7d

    • SSDEEP

      49152:NXIK9iC4wSi+OXS6mOdOsVzPa4DnkcEr3JuRU+TAyPM5Bqe2t4dpPS3AOcD65:CK9d4wb9MO1RPa44cElYThPMs8PSiG

    Score
    10/10
    • BLISTER

      BLISTER is a downloader used to deliver other malware families.

    • Detect Blister loader x32

    • Loads dropped DLL

    • Target

      cb949ebe87c55c0ba6cf0525161e2e6670c1ae186ab83ce46047446e9753a926

    • Size

      1.2MB

    • MD5

      755f50457416aeb7fee95a67abfea9fe

    • SHA1

      c039362e891b01040c20e75e16b02169c512aebd

    • SHA256

      cb949ebe87c55c0ba6cf0525161e2e6670c1ae186ab83ce46047446e9753a926

    • SHA512

      323fb73160be9ecfba5518a11cd32c8bf863b0e4ba27800ca0e89af986e28231311c25cf547dca6dc12790c3f9fdd0ef39363a97b616e84e61d07230dbe5e028

    • SSDEEP

      24576:jyr9LuOU3WK7/zMjWd/xlLbTkgS/rqk1E198I9yI1b:jA9L8n/zMjWd/xBTurqk1KxJ

    Score
    10/10
    • BLISTER

      BLISTER is a downloader used to deliver other malware families.

    • Detect Blister loader x32

    • Loads dropped DLL

    • Target

      cbc0718c3c45ed4311aec5f83572b7b92d364ab4d16bc43582e781843bdef099

    • Size

      430KB

    • MD5

      f380f09609171148b842223b439aad4c

    • SHA1

      1cb9344fdbe5bc4830adb3fe36f71e0be3a5121f

    • SHA256

      cbc0718c3c45ed4311aec5f83572b7b92d364ab4d16bc43582e781843bdef099

    • SHA512

      abd83d2ee893f3a4bd05d76a2a73d7b01609bf3d5a415e29e93822d7ee0ff46c8844a642700121b852803458f3ced247233577072a4d8c2a377aec66b4879d86

    • SSDEEP

      12288:dsOol4Xi9tQjNFrQ2RHJ2s843DdtCDVVscEfMDJ8t3+392Exh:dyxQjHHJ2s5BtYVnEfYM3eEExh

    • BLISTER

      BLISTER is a downloader used to deliver other malware families.

    • Cobaltstrike

      Detected malicious payload which is part of Cobaltstrike.

    • Detect Blister loader x64

    • Loads dropped DLL

MITRE ATT&CK Enterprise v6

Tasks

static1

Score
N/A

behavioral1

Score
3/10

behavioral2

Score
3/10

behavioral3

blister, loader
Score
10/10

behavioral4

blister, loader
Score
10/10

behavioral5

Score
7/10

behavioral6

Score
7/10

behavioral7

blister, loader
Score
10/10

behavioral8

blister, loader
Score
10/10

behavioral9

blister, loader
Score
10/10

behavioral10

blister, loader
Score
10/10

behavioral11

Score
3/10

behavioral12

Score
3/10

behavioral13

blister, loader
Score
10/10

behavioral14

blister, loader
Score
10/10

behavioral15

blister, loader
Score
10/10

behavioral16

blister, loader
Score
10/10

behavioral17

Score
7/10

behavioral18

Score
7/10

behavioral19

blister, loader
Score
10/10

behavioral20

blister, loader
Score
10/10

behavioral21

blister, loader
Score
10/10

behavioral22

blister, loader
Score
10/10

behavioral23

Score
3/10

behavioral24

Score
3/10

behavioral25

blister, loader
Score
10/10

behavioral26

blister, loader
Score
10/10

behavioral27

blister, loader
Score
10/10

behavioral28

blister, loader
Score
10/10

behavioral29

blister, loader
Score
10/10

behavioral30

blister, loader
Score
10/10

behavioral31

blister, cobaltstrike, 1580103824, backdoor, loader, trojan
Score
10/10

behavioral32

blister, cobaltstrike, backdoor, loader, trojan
Score
10/10