← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
VTA - Malware Variant, Matanbuchus Delivering Cobalt Strike Beacons Via Spam Campaigns
WHITE Superpro 2022-06-27 Modified: 2022-07-27
42
IOCs
MEDIUM VOLUME
Matanbuchus is a Malware-as-a-service(Maas), where it is engineered to download and execute second-stage executables from command-and-control (C&C) servers on infected systems without detection.
matanbuchuscobalt strikespambeaconszip attachmentadmindll filebeaconhtml filezip filemsi filefebruarycopysandboxpersistenceinstall
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
Matanbuchus Cobalt Strike Spam
Indicators of Compromise (11 / 42 total)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain
TYPEINDICATORDESCRIPTIONCREATED
FileHash-MD5 0308aa2c8dab8a69de41f5d16679bb9b 2022-06-27
FileHash-MD5 314a641ee6ef932f4c561388bd539090 2022-06-27
FileHash-MD5 3e757306c45b710d739a802fbd1fb69f MD5 of 60c1dc0b885ac77b8f670b636c8d404654362354 2022-06-27
FileHash-MD5 40d5b499d9213f44ca786d56b6e10907 MD5 of 73b17544d1e42dc12d4af1d19343e2c7456a4a0b 2022-06-27
FileHash-MD5 41049c329659e51ccca47c13b8021c14 MD5 of 50dd607fb2147457fb5978a591e9d2f46b412d24 2022-06-27
FileHash-MD5 5698e2786aafbda7e252d89829250112 2022-06-27
FileHash-MD5 8cb8cf84ab20159702e6803cd6ce364a 2022-06-27
FileHash-MD5 8fc15b030254c0d49f18d06c696d6986 MD5 of 75f62f4d419b921bc081b5e8387665ac3cffd0d7 2022-06-27
FileHash-MD5 97fc6726f396c4b86bc84ca97e787637 MD5 of ad6e5024a0be6f69370e7a0482a2baa27c4a25be 2022-06-27
FileHash-MD5 f177b0ec8a79756f45f8cf0fb9b99c07 MD5 of 1b18d12dc5c14e68b271164ff63647a6d2eb090d 2022-06-27
FileHash-MD5 ff82937564ff59eb6207f079cdc8e43d MD5 of 7cfe0a71c4a2508a1af80e640ec8b1b034edb604 2022-06-27
References (1)
↗ https://blog.cyble.com/2022/06/23/matanbuchus-loader-resurfaces/