cobaltstrike | 8384650d6af180f802ca6ee4db2e8fff584b7155f2f58b95fed357445fff9d4c | Triage

Submit
Reports

Overview

overview

Static

static

cs.exe

windows7_x64

cs.exe

windows10_x64

Analysis

max time kernel
130s
max time network
132s
platform
windows10_x64
resource
win10v20210408
submitted
05-10-2021 11:53

Sharing

Static task

static1

1359593325 cobaltstrike

Behavioral task

behavioral1

Sample

cs.exe

Resource

win7-en-20210920

cobaltstrike 1359593325 backdoor suricata trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

cs.exe

Resource

win10v20210408

cobaltstrike backdoor suricata trojan

windows10_x64

0 signatures

0 seconds

Report Analysis Logs

General

Target

cs.exe
Size

219KB
MD5

63a7a72bde0af31057672d7534b7e245
SHA1

4caff022234b093867d77b6377dd0d423468a503
SHA256

8384650d6af180f802ca6ee4db2e8fff584b7155f2f58b95fed357445fff9d4c
SHA512

a269663279a63566e68cb044fab4305fed282d070a62781ba881da74bca9d4a3c94bdf84d9a338bf79bad6162f096a8a9b89662eac7ef586a3a7e6429cea408e

Score

10^/10

cobaltstrike backdoor suricata trojan

Malware Config

Signatures

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike
suricata: ET MALWARE Cobalt Strike Malleable C2 Request (Stackoverflow Profile)
suricata: ET MALWARE Cobalt Strike Malleable C2 Request (Stackoverflow Profile)
suricata

Processes

C:\Users\Admin\AppData\Local\Temp\cs.exe
"C:\Users\Admin\AppData\Local\Temp\cs.exe"
1⤵
PID:776

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/776-115-0x0000000000510000-0x000000000054D000-memory.dmp

Filesize
244KB

Download

© 2018-2024

Terms | Privacy