MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 26f9955137d96222533b01d3985c0b1943a7586c167eceeaa4be808373f7dd30. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

CobaltStrike

Vendor detections: 5

Intelligence 5 IOCs YARA File information Comments

SHA256 hash:	26f9955137d96222533b01d3985c0b1943a7586c167eceeaa4be808373f7dd30
SHA3-384 hash:	ac607baffd2e05b8cf46e6e477cb07e4bd3778bbbedcf71a06d90706870f5ee18b4bae874107dcc6da7e895bb0f6f24e
SHA1 hash:	9cfb328e6815188c7c1a76fab37b75781c920f50
MD5 hash:	8b2871282e466a6fc5182204a618ddd2
humanhash:	quebec-juliet-nineteen-kentucky
File name:	shellcode_ps1.zip
Download:	download sample
Signature	CobaltStrike Create hunting rule
File size:	926 bytes
First seen:	2023-11-29 11:59:35 UTC
Last seen:	Never
File type:	zip
MIME type:	application/zip
Note:	This file is a password protected archive. The password is: infected
ssdeep	24:9rLju4E6KO57DA+xdkpkgPXlLqNFbOiKRXhuUQz/dWLKC:9CvmJupkgPMzOiKeBC
TLSH	T1241140609F533A62DEA04DF831CE83A48A8D8B59D54078C68B05A8881722AD57B1BC02
TrID	80.0% (.ZIP) ZIP compressed archive (4000/1) 20.0% (.PG/BIN) PrintFox/Pagefox bitmap (640x800) (1000/1)
Reporter	embee_research
Tags:	CobaltStrike Shellcode zip

Intelligence

File Origin

# of uploads :

# of downloads :

268

Origin country :

File Archive Information

This file is a password protected archive. The password is: infected

This file archive contains 1 file(s), sorted by their relevance:

File name:	shellcode_ps1.bin
File size:	798 bytes
SHA256 hash:	444d4ed672cfc4a64d810c0e807b8fb0e0786c5fe2e50882086a44b89ce2b4cd
MD5 hash:	85f1d22fc564e2d9d39b6d6b8ba04b16
MIME type:	application/octet-stream
Signature	CobaltStrike

Vendor Threat Intelligence

Verdict:

Suspicious

Labled as:

Malware

Link:

https://www.hybrid-analysis.com/sample/26f9955137d96222533b01d3985c0b1943a7586c167eceeaa4be808373f7dd30

Result

Verdict:

MALICIOUS

Link:

https://labs.inquest.net/dfi/sha256/26f9955137d96222533b01d3985c0b1943a7586c167eceeaa4be808373f7dd30

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/26f9955137d96222533b01d3985c0b1943a7586c167eceeaa4be808373f7dd30/

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=e34zkujx3frceuz3ahjzqxaldfb2owdmcz7m52vex2aig47x3uya._file

Result

Malware family:

n/a

Score:

1/10

Tags:

n/a

Link:

https://tria.ge/reports/231129-qp4qfagd85/

Please note that we are no longer able to provide a coverage score for Virus Total.

Threat name:

CobaltStrike

Score:

1.00

Link:

https://yomi.yoroi.company/submissions/26f9955137d96222533b01d3985c0b1943a7586c167eceeaa4be808373f7dd30

File information

The table below shows additional information about this malware sample such as delivery method and external references.

No further information available

Comments

Login required

You need to login to in order to write a comment. Login with your abuse.ch account.

No comments found for this malware sample