General

  • Target

    f03d78383092d01e9c9e397aa6869a6e124ce8a3f53d48c6f4190bd1a22fb0ac

  • Size

    205KB

  • Sample

    240921-mjm9qaxfrj

  • MD5

    3ec38a8ad2bfb32aab3cfd7b031ea6e9

  • SHA1

    04210effbffb6bd9831852ec686333b21719dcc4

  • SHA256

    f03d78383092d01e9c9e397aa6869a6e124ce8a3f53d48c6f4190bd1a22fb0ac

  • SHA512

    d3b587e62d762aa751a2b1b9044604c79aad7256d68e1cfe8f2c48c0ed40ea72e21da5d49e198cd217340bd9e70fa5d10ddd2218fe41aa86d51c2e305d8e77e9

  • SSDEEP

    3072:i64ROzWrhaH6b4s7m9FugFeomJj7qf4A4CLlA05RjsmJ1s7hEAY:ykab4s7m9F7coMT6MhG

Malware Config

Extracted

Family

cobaltstrike

C2

http://211.101.245.50:20080/jquery-3.3.2.slim.min.js

Attributes
  • user_agent

    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
    Accept-Language: en-US,en;q=0.5
    Referer: http://code.jquery.com/
    Accept-Encoding: gzip, deflate
    User-Agent: Mozilla/5.0 (Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko

