General

  • Target

    d3185e082a5040bba4c4d9ff186b3bdd83a884f932cc7b6f71ef674d089e7f08

  • Size

    368KB

  • MD5

    d84500121694675523090c3a521d3973

  • SHA1

    80b9b9c2f01d552a6819a73be9b04338b843cab0

  • SHA256

    d3185e082a5040bba4c4d9ff186b3bdd83a884f932cc7b6f71ef674d089e7f08

  • SHA512

    8614d939ceffac3f3de8d3e17dd9315c3e89d6e3c041fe6e257f91bbb398fc125122a1984aa1a01a47b17315e43779d3a3876b172e96fcb65762d899899abbaa

  • SSDEEP

    6144:tbWnvu4x/KLtiXhBKzW6rmwcjRy6k00uRAx/9KlG3n:tbWnv7/KLtiXhBK7z00uRAxMG3

Score
10/10

Malware Config

Extracted

Family

cobaltstrike

C2

http://198.46.131.121:7111/1Swb

Attributes
  • user_agent

    User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; InfoPath.1)

Signatures

  • Cobaltstrike family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • d3185e082a5040bba4c4d9ff186b3bdd83a884f932cc7b6f71ef674d089e7f08
    .exe windows:6 windows x64 arch:x64

    254deda0908808e6b370c0bd82a57f47

