cobaltstrike | 56872281ab0c12a91dcf231ac7e921af6bc08ee740cc6e40f9e426e5b5cf24d7 | Triage

Submit
Reports

Overview

overview

Static

static

3

马泽瑞+...��.exe

windows7-x64

马泽瑞+...��.exe

windows10-1703-x64

马泽瑞+...��.exe

windows10-2004-x64

1

Analysis

max time kernel
290s
max time network
293s
platform
windows10-1703_x64
resource
win10-20230703-en
resource tags

arch:x64arch:x86image:win10-20230703-enlocale:en-usos:windows10-1703-x64system
submitted
14-08-2023 11:25

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

马泽瑞+科技创新与信息化部技术支持岗+腾讯科技（武汉）有限公司.exe

Resource

win7-20230712-en

cobaltstrike backdoor trojan

windows7-x64

1 signatures

300 seconds

Behavioral task

behavioral2

Sample

马泽瑞+科技创新与信息化部技术支持岗+腾讯科技（武汉）有限公司.exe

Resource

win10-20230703-en

cobaltstrike backdoor trojan

windows10-1703-x64

1 signatures

300 seconds

Behavioral task

behavioral3

Sample

马泽瑞+科技创新与信息化部技术支持岗+腾讯科技（武汉）有限公司.exe

Resource

win10v2004-20230703-en

windows10-2004-x64

0 signatures

300 seconds

Report Analysis Logs

General

Target

马泽瑞+科技创新与信息化部技术支持岗+腾讯科技（武汉）有限公司.exe
Size

1.8MB
MD5

d10562c08929d8f0061e17999c295a2e
SHA1

819d67b9f13ce256269a53a7577a55d005d63600
SHA256

56872281ab0c12a91dcf231ac7e921af6bc08ee740cc6e40f9e426e5b5cf24d7
SHA512

44ccf36e386afc31c32a3a259a352afc667069686ec890a0b142e94132572c631efa379acd74d7f2709d4a091c761207b8fb443d7105c406baca20ae20f56646
SSDEEP

24576:FNxuf822RkD1CZHgnz0YvEMUEuGLg/kMWd:bxU8LRkD1KARg/kX

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Signatures

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

Processes

C:\Users\Admin\AppData\Local\Temp\马泽瑞+科技创新与信息化部技术支持岗+腾讯科技（武汉）有限公司.exe
"C:\Users\Admin\AppData\Local\Temp\马泽瑞+科技创新与信息化部技术支持岗+腾讯科技（武汉）有限公司.exe"
1⤵
PID:2060

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2060-117-0x0000000000100000-0x0000000000331000-memory.dmp

Filesize
2.2MB

Download
memory/2060-118-0x0000028BF9EB0000-0x0000028BF9F00000-memory.dmp

Filesize
320KB

Download
memory/2060-119-0x0000028BF9FB0000-0x0000028BFA014000-memory.dmp

Filesize
400KB

Download
memory/2060-120-0x0000000000100000-0x0000000000331000-memory.dmp

Filesize
2.2MB

Download
memory/2060-126-0x0000000000100000-0x0000000000331000-memory.dmp

Filesize
2.2MB

Download
memory/2060-132-0x0000000000100000-0x0000000000331000-memory.dmp

Filesize
2.2MB

Download
memory/2060-138-0x0000000000100000-0x0000000000331000-memory.dmp

Filesize
2.2MB

Download
memory/2060-144-0x0000000000100000-0x0000000000331000-memory.dmp

Filesize
2.2MB

Download

© 2018-2024

Terms | Privacy