Overview

overview

10

Static

static

10

2025-03-30...er.exe

windows7-x64

10

2025-03-30...er.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-03-30_9fd23662e61a939ac926abbd8169cbc2_amadey_cobalt-strike_poet-rat_smoke-loader

  • Size

    5.9MB

  • MD5

    9fd23662e61a939ac926abbd8169cbc2

  • SHA1

    093f96c6cfcfcfa6299f31b618b43dd8509d37ac

  • SHA256

    0ca3d1d0a7e31f909b9576d3f0ba861ce0a0767cf9ba24c62d61ebf7ead7e84d

  • SHA512

    e3f273dfaac2d2475936a09dfa5322e2cf87465ef357776579f5a075e76f379a9fa5e3de9a0df3896543e0485de4ce9c0a2023b8a79260cbce673f3d15f323dc

  • SSDEEP

    98304:oemTLkNdfE0pZrD56utgpPFotBER/mQ32lU5:T+q56utgpPF8u/75

Score
10/10
minerupxxmrigcobaltstrike

Malware Config

Signatures

  • Cobaltstrike family
    cobaltstrike
  • XMRig Miner payload 1 IoCs
    miner
  • Xmrig family
    xmrig
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 2025-03-30_9fd23662e61a939ac926abbd8169cbc2_amadey_cobalt-strike_poet-rat_smoke-loader
    .exe windows:6 windows x64 arch:x64


    Headers

    Sections