cobaltstrike | dc71ae1fea5c46b2930ed33dc807c54f87f9f40b7256fe5dadf08f144b315fce | Triage

Submit
Reports

Overview

overview

Static

static

cobaltstri...de.exe

windows10-2004-x64

Analysis

max time kernel
82s
max time network
89s
platform
windows10-2004_x64
resource
win10v2004-20220901-en
resource tags

arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
submitted
13-09-2022 19:44

Sharing

Static task

static1

1359593325 cobaltstrike

1 signatures

Behavioral task

behavioral1

Sample

cobaltstrike_shellcode.exe

Resource

win10v2004-20220901-en

cobaltstrike backdoor trojan

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

cobaltstrike_shellcode.exe
Size

219KB
MD5

24d99ba5654cdf31141c66fd9417b7e0
SHA1

0e06aedf5b25cf248131c9eff5a331f4bb1fcb67
SHA256

b9321c27be4295c15d7f92fafc20d7ccac5f21204b79ebc2fed583dda0197cf9
SHA512

351e8c078595d1c829385d0bfbeb2560dd62fa063645e40593ba63af8862fc90bbd24438aebb0fb952cb78bf80b91ea35dbabdc91d760fd69c7f188e45075872
SSDEEP

6144:c8X2sNEFy+HVJbny+lgzgeFgUQI9aiGynMOyX:T3NEFy8VJO+GTFgUzaL6MO+

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Signatures

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

Processes

C:\Users\Admin\AppData\Local\Temp\cobaltstrike_shellcode.exe
"C:\Users\Admin\AppData\Local\Temp\cobaltstrike_shellcode.exe"
1⤵
PID:308

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/308-133-0x0000000000440000-0x000000000047D000-memory.dmp

Filesize
244KB

Download
memory/308-132-0x0000000000400000-0x000000000043C300-memory.dmp

Filesize
240KB

Download

© 2018-2024

Terms | Privacy