cobaltstrike | 410c8df6170489cca3615a9bbb7a4a56b26e3aced1aed0868120c27b4d171e96 | Triage

Submit
Reports

Overview

overview

Static

static

2025-03-30...er.exe

windows7-x64

2025-03-30...er.exe

windows10-2004-x64

Sharing

General

Target

2025-03-30_517b5b00c2c77af5178e2d6ffc6c4a6b_amadey_cobalt-strike_poet-rat_smoke-loader
Size

5.9MB
Sample

250330-w7fn8atydz
MD5

517b5b00c2c77af5178e2d6ffc6c4a6b
SHA1

611b16addcf60f427b277ca4c783907b61743ee7
SHA256

410c8df6170489cca3615a9bbb7a4a56b26e3aced1aed0868120c27b4d171e96
SHA512

d86a8160a464c6996094c061fad9376179e9e01677af728d73925f1b1a2ac5b24904afc7e40e633af1c968953800826b7c40990fe66dee0b649a9b8b14d6730f
SSDEEP

98304:oemTLkNdfE0pZrD56utgpPFotBER/mQ32lUJ:T+q56utgpPF8u/7J

Score

10^/10

cobaltstrike xmrig backdoor miner trojan upx

Static task

static1

miner upx xmrig cobaltstrike

5 signatures

Behavioral task

behavioral1

Sample

2025-03-30_517b5b00c2c77af5178e2d6ffc6c4a6b_amadey_cobalt-strike_poet-rat_smoke-loader.exe

Resource

win7-20240903-en

cobaltstrike xmrig backdoor miner trojan upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

2025-03-30_517b5b00c2c77af5178e2d6ffc6c4a6b_amadey_cobalt-strike_poet-rat_smoke-loader.exe

Resource

win10v2004-20250313-en

cobaltstrike xmrig backdoor miner trojan upx

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  2025-03-30_517b5b00c2c77af5178e2d6ffc6c4a6b_amadey_cobalt-strike_poet-rat_smoke-loader
- Size
  
  5.9MB
- MD5
  
  517b5b00c2c77af5178e2d6ffc6c4a6b
- SHA1
  
  611b16addcf60f427b277ca4c783907b61743ee7
- SHA256
  
  410c8df6170489cca3615a9bbb7a4a56b26e3aced1aed0868120c27b4d171e96
- SHA512
  
  d86a8160a464c6996094c061fad9376179e9e01677af728d73925f1b1a2ac5b24904afc7e40e633af1c968953800826b7c40990fe66dee0b649a9b8b14d6730f
- SSDEEP
  
  98304:oemTLkNdfE0pZrD56utgpPFotBER/mQ32lUJ:T+q56utgpPF8u/7J
Score

10^/10

cobaltstrike xmrig backdoor miner trojan upx
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
- Cobaltstrike family
  cobaltstrike
- Xmrig family
  xmrig
- xmrig
  XMRig is a high performance, open source, cross platform CPU/GPU miner.
  miner xmrig
- XMRig Miner payload
  miner
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

minerupxxmrigcobaltstrike

behavioral1

cobaltstrikexmrigbackdoorminertrojanupx

behavioral2

cobaltstrikexmrigbackdoorminertrojanupx

© 2018-2025

Terms | Privacy