General

  • Target

    fbda0d9039c87e91e4dd2d6311fe45964b570adedac228d9fd4e3b8c26c4151e

  • Size

    17KB

  • Sample

    231010-14nb4sef8z

  • MD5

    f976f9911ac34ddddd02f5bb7c9dc62f

  • SHA1

    fd72757f839e78f010756b55a4ea944594f92b66

  • SHA256

    fbda0d9039c87e91e4dd2d6311fe45964b570adedac228d9fd4e3b8c26c4151e

  • SHA512

    e0d7ecefb1c0faecfa2408fd4da9f599d95a365d4e939ac5c5b0a4a7760059dd8d4723c2f0c853d324e7e3d3891fae75cd81eddc7ddd0e8f70532ded77bf0899

  • SSDEEP

    384:2J6OALF4yo8YDHymwh1/DOeUc/bYHtQ1Nna4x1+:243pk8YU/DOeUc/bYHtY

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.20.220:443/jquery-3.3.2.slim.min.js

Attributes
  • user_agent

    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
    Accept-Language: en-US,en;q=0.5
    Referer: http://code.jquery.com/
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko

