General

  • Target

    2024-04-16_ea5afff16dc32008d5ae4059615fff01_cobalt-strike_lockbit

  • Size

    195KB

  • MD5

    ea5afff16dc32008d5ae4059615fff01

  • SHA1

    52f4b17228226eb42e703c639876e81816ba4d25

  • SHA256

    a60470819fb115732df05840d5ef094efe1294b3ca6e2df55d6b0b9209018433

  • SHA512

    891558a0fbfb005b2897ada55009312180ddc3974dd4d0cbf59771a1b99315eb2dbbc4983de7aea81a91d07dd5d279fe30dd3276bf54f8f62837b7db7eb9dc0f

  • SSDEEP

    3072:FZdin/M0UunOvKYs0xwuiFhzQsDK8TlTIBZLIeZpxw31PPUn1ppYl7Pt9qWIPxM:lMOv6X5hQs+8ZTIBZMePxw3VUpOnqF

Score
10/10

Malware Config

Signatures

  • Detects Windows executables bypassing UAC using CMSTP COM interfaces. MITRE (T1218.003) 1 IoCs
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2024-04-16_ea5afff16dc32008d5ae4059615fff01_cobalt-strike_lockbit
    .exe windows:6 windows x64 arch:x64

    e3fe2edc485ff857014c71233fc13627

