cobaltstrike | 51abcecacd2fdd25bb8ef3a64b02aaa940b6d08ea2f7f48d5d6dc13d6912a561

Analysis

Target

51abcecacd2fdd25bb8ef3a64b02aaa940b6d08ea2f7f48d5d6dc13d6912a561.exe
Size

663KB
MD5

f3acf00f641c4f24892e6864aa59b7c3
SHA1

7323a3c2f0b4c85099b275f78fb6f4d4f586c148
SHA256

51abcecacd2fdd25bb8ef3a64b02aaa940b6d08ea2f7f48d5d6dc13d6912a561
SHA512

9648c2cb6007c7af4b1c953e8e80f1f6a173208a55bd3326d49fef64695832837575e7300bf040cac20f8d365a6ae85c4f213014f399ef24284348f16653036e

Score

10^/10

Family

cobaltstrike

Attributes

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit

C:\Users\Admin\AppData\Local\Temp\51abcecacd2fdd25bb8ef3a64b02aaa940b6d08ea2f7f48d5d6dc13d6912a561.exe
"C:\Users\Admin\AppData\Local\Temp\51abcecacd2fdd25bb8ef3a64b02aaa940b6d08ea2f7f48d5d6dc13d6912a561.exe"
1⤵
PID:1748

memory/844-5-0x000007FEF5E90000-0x000007FEF610A000-memory.dmp

Filesize
2.5MB

Download
memory/1748-2-0x00000000002D0000-0x0000000000326000-memory.dmp

Filesize
344KB

Download
memory/1748-4-0x00000000003B0000-0x00000000003B1000-memory.dmp

Filesize
4KB

Download
memory/1748-3-0x0000000001E20000-0x0000000001E76000-memory.dmp

Filesize
344KB

Download
memory/1748-6-0x000007FEFB811000-0x000007FEFB813000-memory.dmp

Filesize
8KB

Download
memory/1748-7-0x0000000003BC0000-0x0000000003FC0000-memory.dmp

Filesize
4.0MB

Download
memory/1748-8-0x00000000027F0000-0x000000000283D000-memory.dmp

Filesize
308KB

Download