Extracted

• • Target

    2210b4049adfc3b0e043b7be576860970e43ef66f71a4d57244bc4bc6e6c936c

  • Size

    1.7MB

  • MD5

    71eb13eb1390d8cfd2abbc453e5a3030

  • SHA1

    989772d227c27bf7e47e4b0d89492777514b4af5

  • SHA256

    2210b4049adfc3b0e043b7be576860970e43ef66f71a4d57244bc4bc6e6c936c

  • SHA512

    f093949be937acb2417a9cddb1321ee5cce08304ab65e6f27a173e09eff9b0ca6cc88fb2aabfcfffeedf7afabd3ee4f99c1ad1d0c98b043a8aee17e9bf50c2cb

  • SSDEEP

    49152:4ZB1G8YQd3Ik9S91M2V/tZ8YzBigAKScJViCAZ:m3Gid3d9CM2V/tZhzQpcJVVAZ

  Score

  10^/10

  cobaltstrikebackdoortrojan

  • Cobaltstrike

    Detected malicious payload which is part of Cobaltstrike.

    trojanbackdoorcobaltstrike

  • Cobaltstrike family

    cobaltstrike

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  • Loads dropped DLL

  behavioral1behavioral2