cobaltstrike | be3da69303ecce036c309478131c3bfdc6bc2ce37a2cfd8833fd13cf0413f333 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

gootloader_payload.js

windows7-x64

3

gootloader_payload.js

windows10-2004-x64

Sharing

General

Target

gootloader_payload.js
Size

507KB
Sample

220906-p4cd3aacfn
MD5

87da4e714b2536ff087610bd1d85973f
SHA1

e13af717e348ec5991c8f9a5bcd97fb81c5bb011
SHA256

be3da69303ecce036c309478131c3bfdc6bc2ce37a2cfd8833fd13cf0413f333
SHA512

c3043ad057269896a95881997a0807470ab5ff6e12ca8c4e5481749196064959efea292a2a6d25f3ff69a6623c6731adf939989144021e4e768aa3acd3fea7e1
SSDEEP

6144:D7TnJm/x24+NeRdwDVPcPJwSXYlS9/kN5EJ1aKA5n9SKQoulUIoMoCVca:D7TE/xH+wRdwRPiMmkNzKABAJ1lUeVca

Score

10^/10

cobaltstrike backdoor trojan

Static task

static1

Behavioral task

behavioral1

Sample

gootloader_payload.js

Resource

win7-20220812-en

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

gootloader_payload.js

Resource

win10v2004-20220812-en

cobaltstrike backdoor trojan

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  gootloader_payload.js
- Size
  
  507KB
- MD5
  
  87da4e714b2536ff087610bd1d85973f
- SHA1
  
  e13af717e348ec5991c8f9a5bcd97fb81c5bb011
- SHA256
  
  be3da69303ecce036c309478131c3bfdc6bc2ce37a2cfd8833fd13cf0413f333
- SHA512
  
  c3043ad057269896a95881997a0807470ab5ff6e12ca8c4e5481749196064959efea292a2a6d25f3ff69a6623c6731adf939989144021e4e768aa3acd3fea7e1
- SSDEEP
  
  6144:D7TnJm/x24+NeRdwDVPcPJwSXYlS9/kN5EJ1aKA5n9SKQoulUIoMoCVca:D7TE/xH+wRdwRPiMmkNzKABAJ1lUeVca
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

cobaltstrikebackdoortrojan

© 2018-2025

Terms | Privacy