cobaltstrike | 1895348f6c3c3a9935e3634965d877b230bb72dde23d3336a8e5bec31a88579c | Triage

Submit
Reports

Overview

overview

Static

static

JC_1895348...9c.dll

windows7-x64

JC_1895348...9c.dll

windows10-2004-x64

Analysis

max time kernel
128s
max time network
133s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
18/09/2023, 16:51

Sharing

Static task

static1

391144938 cobaltstrike

2 signatures

Behavioral task

behavioral1

Sample

JC_1895348f6c3c3a9935e3634965d877b230bb72dde23d3336a8e5bec31a88579c.dll

Resource

win7-20230831-en

cobaltstrike 0 backdoor trojan

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

JC_1895348f6c3c3a9935e3634965d877b230bb72dde23d3336a8e5bec31a88579c.dll

Resource

win10v2004-20230915-en

cobaltstrike 0 backdoor trojan

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

JC_1895348f6c3c3a9935e3634965d877b230bb72dde23d3336a8e5bec31a88579c.dll
Size

270KB
MD5

d3fa60282cacaade84d8a9ee5d709b3b
SHA1

fbd5f2ddd6322a51a4efe30215e325a59eba155e
SHA256

1895348f6c3c3a9935e3634965d877b230bb72dde23d3336a8e5bec31a88579c
SHA512

e4ca935fc86315024cabfb70f7c696495045d3858c24aed75176a6477a9c6bec44bcaaac1994b46d25dcfccce2e439e11e42500fcce8fb870f6ef7706786a8ec
SSDEEP

3072:rzbINhWl+CIbfqqEVxtfg8jtfDCJS4l9JTFyG+JteEzCnL7z6GIkfhUYJF6vzHkG:rzbUWootfDCvT4ZTXzCLpIk5UDFrKM

Score

10^/10

cobaltstrike 0 backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

Botnet

0

Attributes

watermark
0

Signatures

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\JC_1895348f6c3c3a9935e3634965d877b230bb72dde23d3336a8e5bec31a88579c.dll,#1
1⤵
PID:3172

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3172-0-0x0000019E0D540000-0x0000019E0D592000-memory.dmp

Filesize
328KB

Download

© 2018-2025

Terms | Privacy