General

  • Target

    4e2253b89dfb4af6ba3d6e53304aa225febc6c0740ba554e9abd4fcb7c8f2ca1

  • Size

    5KB

  • MD5

    52e182ea795c51d6057d3f8157105601

  • SHA1

    8f1fad181a5abe2c3097ae12ab4866a9ae3d2c34

  • SHA256

    4e2253b89dfb4af6ba3d6e53304aa225febc6c0740ba554e9abd4fcb7c8f2ca1

  • SHA512

    33bd3b2d19bc57d92b2530a849e18c4780d885b422a0f7ee4958028e8d8d0d026bdb1187d04a9a7e44cc5758d0611bb012acc572abc983aa91ce64ac95eceb4b

  • SSDEEP

    48:6UeqFE/alo2eEImCTBhPIALnSvkR9C3EdvAwI11wPLx9tEOPulUJ0lgI:JK/alQaqPPnTS87C3EVrI11GLpsyJ0l

Score
10/10

Malware Config

Extracted

Family

cobaltstrike

C2

http://208.87.206.183:8888/9Tcm

Attributes
  • user_agent

    User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727)

Signatures

  • Cobaltstrike family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 4e2253b89dfb4af6ba3d6e53304aa225febc6c0740ba554e9abd4fcb7c8f2ca1
    .exe windows:4 windows x86

    f34d5f2d4577ed6d9ceec516c1f5a744

