cobaltstrike | 42e4083d52a41ee7d322f5b4cd2a0c5b6a72c3113b85099819a9968a2e98aea9 | Triage

Submit
Reports

Overview

overview

Static

static

42e4083d52...a9.exe

windows7_x64

42e4083d52...a9.exe

windows10_x64

Analysis

max time kernel
131s
max time network
140s
platform
windows10_x64
resource
win10-en-20211208
submitted
05-01-2022 14:42

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

42e4083d52a41ee7d322f5b4cd2a0c5b6a72c3113b85099819a9968a2e98aea9.exe

Resource

win7-en-20211208

cobaltstrike backdoor trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

42e4083d52a41ee7d322f5b4cd2a0c5b6a72c3113b85099819a9968a2e98aea9.exe

Resource

win10-en-20211208

cobaltstrike backdoor trojan

windows10_x64

0 signatures

0 seconds

Report Analysis Logs

General

Target

42e4083d52a41ee7d322f5b4cd2a0c5b6a72c3113b85099819a9968a2e98aea9.exe
Size

12KB
MD5

7580453f6db92422e629d3de19346688
SHA1

4b6eec94a1fc1b1d42025a4476950e846f4f8f77
SHA256

42e4083d52a41ee7d322f5b4cd2a0c5b6a72c3113b85099819a9968a2e98aea9
SHA512

e93e38e6d26998e9dedcf3370e8e12b7d1abae35c59606035243029d544ff17e2c56e9195f47e2a2a41ec83e64e0cc6fd22b43c004c019592034bd773cc5dac5

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://47.93.63.179:5812/Wc9j

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; MANM)

Signatures

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

Processes

C:\Users\Admin\AppData\Local\Temp\42e4083d52a41ee7d322f5b4cd2a0c5b6a72c3113b85099819a9968a2e98aea9.exe
"C:\Users\Admin\AppData\Local\Temp\42e4083d52a41ee7d322f5b4cd2a0c5b6a72c3113b85099819a9968a2e98aea9.exe"
1⤵
PID:1260

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1260-115-0x000001D6112F0000-0x000001D6112F1000-memory.dmp

Filesize
4KB

Download

© 2018-2024

Terms | Privacy