cobaltstrike | 20ca66c90f3d9f505470040726ab70045c7b2e0636a059230e702eabd3e35598 | Triage

Analysis

max time kernel
118s
max time network
124s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
06/01/2024, 09:53

Sharing

Report Analysis Logs

General

Target

cobaltstrike.dll
Size

270KB
MD5

b0350c0a85d28d95d6f6b5da21c0408f
SHA1

2419f81ae84b81cde3b48f4d80e940e6453a6646
SHA256

20ca66c90f3d9f505470040726ab70045c7b2e0636a059230e702eabd3e35598
SHA512

b2eb77246f8d99bc545e6c02bfc032fc9f2290fa6e73943a7ef4d1f125972d907491185faedd32c19fb8cc17d5c1b2af50570dd9b769a7184962b489963e7bcc
SSDEEP

3072:rzbINhWl+CIbfqqEVxtfg8jtfDCJS4l9JTFyG+JteEzCnL7zYGIkfhUYJF6vzHk1:rzbUWootfDCvT4ZTXzCLTIk5UDyrKM

Score

10^/10

cobaltstrike 0 backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

Botnet

0

Attributes

watermark
0

Signatures

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\cobaltstrike.dll,#1
1⤵
PID:2856

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2856-0-0x0000000001BE0000-0x0000000001C32000-memory.dmp

Filesize
328KB

Download