Overview

overview

10

Static

static

3

...64.dll

windows7-x64

1

...64.dll

windows10-2004-x64

10

...eg.dll

windows7-x64

1

...eg.dll

windows10-2004-x64

1

...ѧ.exe

windows7-x64

1

...ѧ.exe

windows10-2004-x64

10

Resubmissions

20-07-2023 06:12

230720-gyc5eadf7x 10

07-12-2022 01:02

221207-bdw4wsdf7t 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    简历.zip

  • Size

    168KB

  • Sample

    230720-gyc5eadf7x

  • MD5

    f1c56cc405029826cf7a21a1394bf18e

  • SHA1

    1b9080ac30d6fc8963457e90aa9d5e56bb7eace0

  • SHA256

    4e7a06b20666a62613cca9f75ae58a35cfc5d721c05c8b435170a4e8024ba87e

  • SHA512

    31597e85de1b58bfadc88f2b79bc0f7dcaa79d8d63cdb4517cb35f7d99df643ab34b096931af44029e3c16c5ed6a183437009a4dc144c65cbf15034c7c6caa53

  • SSDEEP

    3072:v0qEgiHe4UvUmvUVCn/CudT8opk05O/q9hLLePw/95HMxlvFiqbM9PjX:nQewOv/DqoXQ/q9hvX15HMxl08OjX

Score
10/10
cobaltstrikebackdoortrojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://service-5r35x0x0-1310046338.gz.apigw.tencentcs.com:443/result_78adc45.js

Attributes
  • user_agent

    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36

Targets

    • Target

      /active_desktop_render_x64.dll

    • Size

      13KB

    • MD5

      802122880994c08598f9ab890a14656f

    • SHA1

      398bdb1ddcb7cffa7706aedc09e117cc9286571a

    • SHA256

      dd1bbf4398fa863265964364214440a7c2fb89ddd94a75aef501f48981e04eb0

    • SHA512

      049a9411411f76bd22c6c4212735b8ab893cd24ddb995f863b1df7b23faedbccd7151ed62e2b4c763a92ebd0c1c5008392c9e75002c31c13eb3bee5bbde20937

    • SSDEEP

      192:C603547TMTCmEwrm0iTC0g1ORZkBToGwQt7KxHDv3:c35403Ewf66OPkNLKx

    Score
    10/10
    cobaltstrikebackdoortrojan
    behavioral1behavioral2

    • Target

      /ffmpeg.dll

    • Size

      260KB

    • MD5

      ea8cf3d80635d6b31999546b40ed1b47

    • SHA1

      909f035afd3fdacad26467341ece9d21cf8c0db1

    • SHA256

      70a9058a84cf7a5492224b2658fa4716a448e60e872981ed29c4478b1fa517c1

    • SHA512

      0fc9089a3acdaa0c948a7ba61ee8d960b9646e8353c1e225987452fa2f609b08a467e09f86e572bd46e8c135badb88d0b90fba6e9f250c6c3ae9f1de586c807d

    • SSDEEP

      3072:mqvsf9DcYb/QWoIDTTmXateQ3fDfGY9D8OFY+M7hKnZXTAGUcLaAm2mvFGvMnL5:Xsf9oWDTqXOjPDfGUDPFYRhgZNm2STN

    Score
    1/10
    behavioral3behavioral4

    • Target

      /ƹרԱ- -ϴѧ .exe

    • Size

      97KB

    • MD5

      b2a2f21647de829af536ae7b52ee9be9

    • SHA1

      013f65f5f82b9dd07b9cc1e1245194ce73d95fcf

    • SHA256

      9643444b80f6f6172ff0bd830a46ed56d9de1033d5452336be2b5b9d42a35037

    • SHA512

      a95110bd1c3e764a753986476cfd7c11e5fe45b6f8f87f5b42b9e79084535abad9d5c072885f827e6fe61201723e84e832b924d22786f8ff3c65a7b8b3fde7d6

    • SSDEEP

      1536:CLT11uyRFNsa9N/urOKwjAEHxPNgE71R48suYjsW4dVRRD7XDXzZ:2TzuyRFNN9N/wwjtHxv+uYsVRJTbt

    Score
    10/10
    cobaltstrikebackdoortrojan
    behavioral5behavioral6

MITRE ATT&CK Matrix

Tasks