b0b21ad60adea461c529acfcea841fea9d1fb882cee8441d9223703aea503744 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cobaltstrike.exe
Size

882KB
Sample

240513-nvjaksdg77
MD5

d0bf7f5cae8c06378d5f3e748490d88a
SHA1

0e469e8bfd99eaf5ea78d9dca7594d5c85ef6173
SHA256

b0b21ad60adea461c529acfcea841fea9d1fb882cee8441d9223703aea503744
SHA512

f97288c12fd18e5529e641efb263e195d4372db69d5d81ad9d70b29829381ed81067e0204b66970cd415288c113a35d2020dc088ec2a63db62f8ecfdcef547da
SSDEEP

12288:wspvpZHZ08Y1eu88MaLiGWBKlYR8P7zaBiKuroDl:Lpz8CaLYB6P7giel

Score

7^/10

Malware Config

Targets

- Target
  
  cobaltstrike.exe
- Size
  
  882KB
- MD5
  
  d0bf7f5cae8c06378d5f3e748490d88a
- SHA1
  
  0e469e8bfd99eaf5ea78d9dca7594d5c85ef6173
- SHA256
  
  b0b21ad60adea461c529acfcea841fea9d1fb882cee8441d9223703aea503744
- SHA512
  
  f97288c12fd18e5529e641efb263e195d4372db69d5d81ad9d70b29829381ed81067e0204b66970cd415288c113a35d2020dc088ec2a63db62f8ecfdcef547da
- SSDEEP
  
  12288:wspvpZHZ08Y1eu88MaLiGWBKlYR8P7zaBiKuroDl:Lpz8CaLYB6P7giel
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2