cobaltstrike | 2941c95c651a851d37fa94083c9a60738652ea70fb6f8f4e43c3433dae5e43e8 | Triage

Submit
Reports

Overview

overview

Static

static

9

2941c95c65...e8.exe

windows7_x64

2941c95c65...e8.exe

windows10_x64

Analysis

max time kernel
123s
max time network
123s
platform
windows7_x64
resource
win7-en-20211208
submitted
31-01-2022 04:10

Sharing

Static task

static1

cryptone packer

Behavioral task

behavioral1

Sample

2941c95c651a851d37fa94083c9a60738652ea70fb6f8f4e43c3433dae5e43e8.exe

Resource

win7-en-20211208

cobaltstrike backdoor trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

2941c95c651a851d37fa94083c9a60738652ea70fb6f8f4e43c3433dae5e43e8.exe

Resource

win10-en-20211208

cobaltstrike backdoor trojan

windows10_x64

0 signatures

0 seconds

Report Analysis Logs

General

Target

2941c95c651a851d37fa94083c9a60738652ea70fb6f8f4e43c3433dae5e43e8.exe
Size

549KB
MD5

4e4db89841979de3205906411986b07d
SHA1

74d600fc823f74b6468cb741062ee5012761aeff
SHA256

2941c95c651a851d37fa94083c9a60738652ea70fb6f8f4e43c3433dae5e43e8
SHA512

504ecb874c9d070b39081256c543a04b4ec12ba405ecbbff8fe670d364140fad4814fb7648e99f608a4a1d720a644882d28a8931db6eeb54abb611d697db9cd9

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Signatures

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

Processes

C:\Users\Admin\AppData\Local\Temp\2941c95c651a851d37fa94083c9a60738652ea70fb6f8f4e43c3433dae5e43e8.exe
"C:\Users\Admin\AppData\Local\Temp\2941c95c651a851d37fa94083c9a60738652ea70fb6f8f4e43c3433dae5e43e8.exe"
1⤵
PID:968

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/968-54-0x0000000140000000-0x0000000140062000-memory.dmp

Filesize
392KB

Download
memory/968-60-0x0000000000310000-0x000000000036F000-memory.dmp

Filesize
380KB

Download

© 2018-2024

Terms | Privacy