Overview

overview

7

Static

static

3

SecuriteIn...81.exe

windows7-x64

1

SecuriteIn...81.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    SecuriteInfo.com.BScope.Backdoor.CobaltStrike.15099.1481.exe

  • Size

    41.4MB

  • Sample

    240314-lfdensgd6x

  • MD5

    7c35b6fa0323ffdaaa1b245ae8bbde18

  • SHA1

    900f6ea58fac258b91fc181b7232a803a81f0ccd

  • SHA256

    6b239c83ea153106b3dc8305146e6d0a242004e992e170cf217d9604307ef4c3

  • SHA512

    3047c183489be82eb401d8cd2a7ffd926548ffad28e4c5e369ac675ff1bbe93047102bf242d824e0a7377aa98695735c7ec1ce3d1010b353ce6bd3e0ed6dd3e9

  • SSDEEP

    393216:HMhfZTrUBaUQi7zqrDfZ9EcrzhpP3ZvkCrPCfR6:of1F5iapP3KAPCfA

Score
7/10

Malware Config

Targets

    • Target

      SecuriteInfo.com.BScope.Backdoor.CobaltStrike.15099.1481.exe

    • Size

      41.4MB

    • MD5

      7c35b6fa0323ffdaaa1b245ae8bbde18

    • SHA1

      900f6ea58fac258b91fc181b7232a803a81f0ccd

    • SHA256

      6b239c83ea153106b3dc8305146e6d0a242004e992e170cf217d9604307ef4c3

    • SHA512

      3047c183489be82eb401d8cd2a7ffd926548ffad28e4c5e369ac675ff1bbe93047102bf242d824e0a7377aa98695735c7ec1ce3d1010b353ce6bd3e0ed6dd3e9

    • SSDEEP

      393216:HMhfZTrUBaUQi7zqrDfZ9EcrzhpP3ZvkCrPCfR6:of1F5iapP3KAPCfA

    Score
    7/10

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    • Looks up external IP address via web service

      Uses a legitimate IP lookup service to find the infected system's external IP.

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks