Overview

overview

10

Static

static

3

dc995ac144...52.exe

windows7-x64

7

dc995ac144...52.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    b86af5012dbcece105e62075b6001b2c.bin

  • Size

    12.8MB

  • Sample

    231012-vkx5bafb22

  • MD5

    7c16228a6ba3e917a98155989fbb0610

  • SHA1

    2a2dd8f15be9018240cdccae486afdffba10cf84

  • SHA256

    2e8ef32f6b7edb62dd9a705ec6072be508c20f5f31db1507606d2e0463649db3

  • SHA512

    476ab8914de446ed35c49590473c5dbf5065072f0f2d88e8886d0dbe6f1dc2263fba24b82887ab6a4fa412cf4fdb408caa8eb5957ac8ddbb98e6cc6563d8e4f0

  • SSDEEP

    196608:cB+gZepmQslZ41UVvYdC/9EoqBqTikvsSROLmmkzBgLwXFsXYbX29fh:cBBylC41UVAdC/9IBqOvkzBgEXfG9fh

Score
10/10
cobaltstrikebackdoorpyinstallertrojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://111.231.31.198:443/OIvO

Attributes
  • user_agent

    User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0; BOIE9;ENUS)

Targets

    • Target

      dc995ac1448564b5ab4ddab43cef6eca758a1cc2a5a95984036371175248fb52.exe

    • Size

      13.0MB

    • MD5

      b86af5012dbcece105e62075b6001b2c

    • SHA1

      08a611b93742c90d8cc84fa74109041e119294f5

    • SHA256

      dc995ac1448564b5ab4ddab43cef6eca758a1cc2a5a95984036371175248fb52

    • SHA512

      bb77eff17eb10760c79e2d5fc097cd11952c98c3535d62e4238a523e63356b79358825cdce85360062b40c2dfee1208cdb6283f0a52787c3cd3ca942bd5cdf8f

    • SSDEEP

      196608:y+YCvGaaVhTDfyGex21X5Sp6GemDMPwNUXIZVPWqGwCu2DASNsPRS5kib55CRNYy:tYC+aaVBDfDeMpfaMPO9oueSg225zv

    Score
    10/10
    cobaltstrikebackdoortrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks