cobaltstrike | f119dd43f0f873bfe0c3f2912e89038dc399f4e0b523c04ff8b833a75463d6ac | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

f119dd43f0...ac.exe

windows7-x64

f119dd43f0...ac.exe

windows10-2004-x64

Sharing

General

Target

f119dd43f0f873bfe0c3f2912e89038dc399f4e0b523c04ff8b833a75463d6ac
Size

4.5MB
Sample

231102-klc6esbf44
MD5

d593344cc80bf68277c95617b3230c71
SHA1

c985f61db0f30810a9e8f4b0bdd730e8157fafb0
SHA256

f119dd43f0f873bfe0c3f2912e89038dc399f4e0b523c04ff8b833a75463d6ac
SHA512

388a3396e2854297b37fdc37215bc9f2794e5d1e2cf37e41c4a985a1b148c5a4f824967cfab8ed90c76a85b4a553e76340b9403ff5f716404bed397bbd458b2f
SSDEEP

98304:Qb89HblvdIWXe+q2WWmQFnh+oFAZTAxidupkxk/w6S0f+:QbQ7dd9e+q2WWmQlh+ZZREEkRSV

Score

10^/10

cobaltstrike backdoor pyinstaller trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

f119dd43f0f873bfe0c3f2912e89038dc399f4e0b523c04ff8b833a75463d6ac.exe

Resource

win7-20231023-en

cobaltstrike backdoor trojan

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

f119dd43f0f873bfe0c3f2912e89038dc399f4e0b523c04ff8b833a75463d6ac.exe

Resource

win10v2004-20231023-en

cobaltstrike backdoor trojan

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.249.138:23333/Pl6k

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; Win64; x64; Trident/6.0; MDDCJS)

Targets

- Target
  
  f119dd43f0f873bfe0c3f2912e89038dc399f4e0b523c04ff8b833a75463d6ac
- Size
  
  4.5MB
- MD5
  
  d593344cc80bf68277c95617b3230c71
- SHA1
  
  c985f61db0f30810a9e8f4b0bdd730e8157fafb0
- SHA256
  
  f119dd43f0f873bfe0c3f2912e89038dc399f4e0b523c04ff8b833a75463d6ac
- SHA512
  
  388a3396e2854297b37fdc37215bc9f2794e5d1e2cf37e41c4a985a1b148c5a4f824967cfab8ed90c76a85b4a553e76340b9403ff5f716404bed397bbd458b2f
- SSDEEP
  
  98304:Qb89HblvdIWXe+q2WWmQFnh+oFAZTAxidupkxk/w6S0f+:QbQ7dd9e+q2WWmQlh+ZZREEkRSV
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan

© 2018-2025

Terms | Privacy