Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

NEAS.f6c50...JC.exe

windows7-x64

10

NEAS.f6c50...JC.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    NEAS.f6c50b717e9436da8c11b00c69c72247908faa135d5a84ced2ac9198f45eb741_JC.exe

  • Size

    19KB

  • Sample

    231007-rgk4ssda6s

  • MD5

    e7715055ced402cccffcd4cfbf653016

  • SHA1

    fa8caa6bd5b7143cd7bfaec60058c69d0a2df064

  • SHA256

    f6c50b717e9436da8c11b00c69c72247908faa135d5a84ced2ac9198f45eb741

  • SHA512

    f9c983c0f4c7d8b92e225d68fbab11fdb527d48ad9e9f6ed42f9adcfcc0d397b074f24f245f249bf294bdf995cd7506acd0127604a4fd694dc9929fdde9a5a80

  • SSDEEP

    192:wV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2PVCdiJWF8qa1Dojjgi:SqaCF31cix+Dc4zje+bFF46gi

Score
10/10
cobaltstrikebackdoortrojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.4.130:80/1ymF

Attributes
  • user_agent

    User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; InfoPath.1)

Targets

    • Target

      NEAS.f6c50b717e9436da8c11b00c69c72247908faa135d5a84ced2ac9198f45eb741_JC.exe

    • Size

      19KB

    • MD5

      e7715055ced402cccffcd4cfbf653016

    • SHA1

      fa8caa6bd5b7143cd7bfaec60058c69d0a2df064

    • SHA256

      f6c50b717e9436da8c11b00c69c72247908faa135d5a84ced2ac9198f45eb741

    • SHA512

      f9c983c0f4c7d8b92e225d68fbab11fdb527d48ad9e9f6ed42f9adcfcc0d397b074f24f245f249bf294bdf995cd7506acd0127604a4fd694dc9929fdde9a5a80

    • SSDEEP

      192:wV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2PVCdiJWF8qa1Dojjgi:SqaCF31cix+Dc4zje+bFF46gi

    Score
    10/10
    cobaltstrikebackdoortrojan
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks