General
-
Target
2024-07-24_11cd9ed8b86a500d103fc154b22755dc_cobalt-strike_poet-rat_snatch
-
Size
19.0MB
-
Sample
240724-zgz7qayere
-
MD5
11cd9ed8b86a500d103fc154b22755dc
-
SHA1
c2b20aa1ac327644eb4bb959b594930afbb80a65
-
SHA256
b199b398fd10ac1cdf2cc58ce8467865af92babea312cc5306758e806f30cfe9
-
SHA512
24e29bb6cdc585c77954d331efc596d8dabd76ee43134e4d5eb8c01a9feb06703c321eb70398308f4f1844b934ad7e31ede4dad7f0c5d0cdc7005f0f16e078e8
-
SSDEEP
98304:zYbqowc+TxIucEySbvKYsnltrpvAjn5Nerf54Pe3EBJoNxX7+lwi3jKMJukLOyRo:8PaySbyYurpvmVG0LoP7vsJdWWcfn
Behavioral task
behavioral1
Sample
2024-07-24_11cd9ed8b86a500d103fc154b22755dc_cobalt-strike_poet-rat_snatch.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
2024-07-24_11cd9ed8b86a500d103fc154b22755dc_cobalt-strike_poet-rat_snatch.exe
Resource
win10v2004-20240709-en
Malware Config
Extracted
cobaltstrike
http://165.154.33.10:3333/XXXXXX
-
user_agent
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; ) AppleWebKit/534.12 (KHTML, like Gecko) Maxthon/3.0 Safari/534.12
Targets
-
-
Target
2024-07-24_11cd9ed8b86a500d103fc154b22755dc_cobalt-strike_poet-rat_snatch
Score
1/10