Extracted

• • Target

    84d890d782e708716789674e1110e23290193365a2bdc9b459624980b795fc12

  • Size

    2.2MB

  • MD5

    c6f67984f9807ce58ccb398f20323592

  • SHA1

    38eb0d57080dd5d253f808ef54ae7c97a16d8eb1

  • SHA256

    84d890d782e708716789674e1110e23290193365a2bdc9b459624980b795fc12

  • SHA512

    3f9379ef8675c0d546beebd806efe31fbdb0737bf8c4258da85aada9652517b8d4a43a4928a8b0c00486dc56c529e604169739eaae8af67404e21aec1cd0b852

  • SSDEEP

    24576:YK+St9MhZVgXIv2fMHW3IPenkXO3gwfcApj8594jSahuicncgajQIJo1Mfs0CoJM:0EMqjyKUcgA+KsNoJHz+PRn3b

  Score

  10^/10

  cobaltstrikebackdoorpersistencetrojan

  • Cobaltstrike

    Detected malicious payload which is part of Cobaltstrike.

    trojanbackdoorcobaltstrike

  • Modifies Installed Components in the registry

    persistence

  • Enumerates connected drives

    Attempts to read the root path of hard drives other than the default C: drive.

  behavioral1behavioral2