Overview

overview

10

Static

static

10

2025-03-21...at.exe

windows7-x64

10

2025-03-21...at.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-03-21_5a7350eb3cd5bb1ad78caf7d1b629c97_amadey_cobalt-strike_poet-rat

  • Size

    5.9MB

  • MD5

    5a7350eb3cd5bb1ad78caf7d1b629c97

  • SHA1

    c63dbef2fc2692132357acdf06e03a107e422892

  • SHA256

    8a59c81c7e71139828822e313dbe9c44efe8c6e8c36baf6a5e8444d164e08ecd

  • SHA512

    00e85d8f48875204c01c9cf5b032e60b6c0cb68f8cd3820578e8f913e1a646336ec4adcf416a52ed451d53ec8ee1782b3e24ac68650704420934ad80d18fffa4

  • SSDEEP

    98304:oemTLkNdfE0pZrD56utgpPFotBER/mQ32lUr:T+q56utgpPF8u/7r

Score
10/10
minerupxxmrigcobaltstrike

Malware Config

Signatures

  • Cobaltstrike family
    cobaltstrike
  • XMRig Miner payload 1 IoCs
    miner
  • Xmrig family
    xmrig
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2025-03-21_5a7350eb3cd5bb1ad78caf7d1b629c97_amadey_cobalt-strike_poet-rat
    .exe windows:6 windows x64 arch:x64


    Headers

    Sections