General
-
Target
2025-03-30_9fd23662e61a939ac926abbd8169cbc2_amadey_cobalt-strike_poet-rat_smoke-loader
-
Size
5.9MB
-
Sample
250330-tqn8xsvkx7
-
MD5
9fd23662e61a939ac926abbd8169cbc2
-
SHA1
093f96c6cfcfcfa6299f31b618b43dd8509d37ac
-
SHA256
0ca3d1d0a7e31f909b9576d3f0ba861ce0a0767cf9ba24c62d61ebf7ead7e84d
-
SHA512
e3f273dfaac2d2475936a09dfa5322e2cf87465ef357776579f5a075e76f379a9fa5e3de9a0df3896543e0485de4ce9c0a2023b8a79260cbce673f3d15f323dc
-
SSDEEP
98304:oemTLkNdfE0pZrD56utgpPFotBER/mQ32lU5:T+q56utgpPF8u/75
Malware Config
Targets
-
-
Target
2025-03-30_9fd23662e61a939ac926abbd8169cbc2_amadey_cobalt-strike_poet-rat_smoke-loader
-
Size
5.9MB
-
MD5
9fd23662e61a939ac926abbd8169cbc2
-
SHA1
093f96c6cfcfcfa6299f31b618b43dd8509d37ac
-
SHA256
0ca3d1d0a7e31f909b9576d3f0ba861ce0a0767cf9ba24c62d61ebf7ead7e84d
-
SHA512
e3f273dfaac2d2475936a09dfa5322e2cf87465ef357776579f5a075e76f379a9fa5e3de9a0df3896543e0485de4ce9c0a2023b8a79260cbce673f3d15f323dc
-
SSDEEP
98304:oemTLkNdfE0pZrD56utgpPFotBER/mQ32lU5:T+q56utgpPF8u/75
Score10/10-
Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
-
Cobaltstrike family
-
Xmrig family
-
xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
-
XMRig Miner payload
-
Executes dropped EXE
-
Loads dropped DLL
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-