cobaltstrike | e338c952c77eef9738e0d1a337c2135383c067cd8c05cc239aa02cc8e1164149 | Triage

Analysis

max time kernel
123s
max time network
33s
platform
windows7_x64
resource
win7-20221111-en
resource tags

arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
submitted
25/12/2022, 13:44

Sharing

Copy URL Twitter E-mail

Report Analysis Logs

General

Target

beacon1.exe
Size

289KB
MD5

0ec3cbf387193481eb6d30666ae146d3
SHA1

2c8d009f40dcc0fb9be6d3f19324f1066a931016
SHA256

e338c952c77eef9738e0d1a337c2135383c067cd8c05cc239aa02cc8e1164149
SHA512

c0bb43c0441960fa91adeea3399647d96f048885dd1b2b3450f0e81ae05229dd44fad9d02be781d1f15fadcbeda7510074ca828346b9b8ed23105b708e413ac2
SSDEEP

6144:6f+WsrAoa94KC/YQZZdHoLesvc5CCUtnn:6fhwAoa9GBDbMTCyn

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Signatures

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\beacon1.exe
"C:\Users\Admin\AppData\Local\Temp\beacon1.exe"
1⤵
PID:1096

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1096-54-0x0000000000250000-0x0000000000294000-memory.dmp

Filesize
272KB

Download
memory/1096-55-0x00000000003A0000-0x00000000003F2000-memory.dmp

Filesize
328KB

Download