Overview

overview

10

Static

static

10

cobalt4.tar.gz

ubuntu-24.04-amd64

sample.tar

ubuntu-24.04-amd64

cobalt4.9/...bd.rev

ubuntu-24.04-amd64

cobalt4.9/...d-refs

ubuntu-24.04-amd64

cobalt4.9/...s/main

ubuntu-24.04-amd64

cobalt4.9/...n/HEAD

ubuntu-24.04-amd64

cobalt4.9/README.md

ubuntu-24.04-amd64

cobalt4.9/...4.9.7z

ubuntu-24.04-amd64

cobalt4.9/...7z.002

ubuntu-24.04-amd64

cobalt4.9/...7z.003

ubuntu-24.04-amd64

cobalt4.9/...7z.004

ubuntu-24.04-amd64

cobalt4.9/...7z.005

ubuntu-24.04-amd64

cobalt4.9/...7z.006

ubuntu-24.04-amd64

cobalt4.9/...7z.007

ubuntu-24.04-amd64

cobalt4.9/...7z.008

ubuntu-24.04-amd64

cobalt4.9/...nt.cmd

ubuntu-24.04-amd64

cobalt4.9/...nt.jar

ubuntu-24.04-amd64

cobalt4.9/...ent.sh

ubuntu-24.04-amd64

cobalt4.9/...e.auth

ubuntu-24.04-amd64

cobalt4.9/...ok.jar

ubuntu-24.04-amd64

cobalt4.9/...DME.md

ubuntu-24.04-amd64

cobalt4.9/..._ZH.md

ubuntu-24.04-amd64

cobalt4.9/...rImage

ubuntu-24.04-amd64

4

cobalt4.9/...c2lint

ubuntu-24.04-amd64

1

cobalt4.9/...e.auth

ubuntu-24.04-amd64

cobalt4.9/...mon.sh

ubuntu-24.04-amd64

cobalt4.9/...server

ubuntu-24.04-amd64

1

cobalt4.9/...nc.txt

ubuntu-24.04-amd64

cobalt4.9/...64.dll

ubuntu-24.04-amd64

cobalt4.9/...86.dll

ubuntu-24.04-amd64

cobalt4.9/...CN.tar

ubuntu-24.04-amd64

cobalt4.9/...919.gz

ubuntu-24.04-amd64

Analysis

  • max time kernel
    7s
  • max time network
    131s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240729-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2404-amd64-20240729-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
  • submitted
    17-10-2024 06:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    cobalt4.9/cobalt4.9/Server/TeamServerImage

  • Size

    37.9MB

  • MD5

    ae5afcfee8026674dc8f3b4f2da46c7f

  • SHA1

    5499bacf564afd11fc95599827c2742a35fda64a

  • SHA256

    fa0b9f181f3c676d2124d4a6d2be0a12fdad5da124b8d525b8c91d747288a781

  • SHA512

    d7f047b65bda952217714ca7e2b008fd1305a126ace6194371fb772df82bf717ab021dead88e66499afe5026a94610affbbaec66ca43d3ed2ac0051d93dba51c

  • SSDEEP

    786432:8OFQcHva5w7LCO5/1eJH9iGu8Q6rmanGDnk4CGMSDtEumgRfEuKND3T0XXq:qcHvfx1eHiWQ6rnnKnk4CGYvgRfFybTu

Score
4/10
discovery

Malware Config

Signatures

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

    discovery
  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

    discovery

Processes

  • /tmp/cobalt4.9/cobalt4.9/Server/TeamServerImage
    /tmp/cobalt4.9/cobalt4.9/Server/TeamServerImage
    1⤵
    • Reads system network configuration
    • Reads runtime system information
    PID:2522

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads