cobaltstrike | 83b50542ca7f536b98e06f8d2a6db35e09802413ea10d0234733b37a2638f75d | Triage

Submit
Reports

Overview

overview

Static

static

3

4a385102b9...ad.exe

windows7-x64

4a385102b9...ad.exe

windows10-2004-x64

Sharing

General

Target

4a385102b9a0e0a2b7b951666f0b2aad
Size

8.0MB
Sample

240108-a5kphahchl
MD5

4a385102b9a0e0a2b7b951666f0b2aad
SHA1

9ab0539260bdfa98ffcc2a41f14f8d79e01961ae
SHA256

83b50542ca7f536b98e06f8d2a6db35e09802413ea10d0234733b37a2638f75d
SHA512

e0892d47452cda546e2049c26816e6cc0971dc7a1b5c9911f46023bb85f5c8a1be1a9f11955f904f91d5a400eb196c258e808d6949f041fdfe948073c4ff2a8b
SSDEEP

196608:iipzjM+5DyUTqR+zQW9onJ5hrZEthbJMFjsEODZYih61tqKaCcJdXQA:JQUl3QW9c5hlEthyFv2ZYBLaR

Score

10^/10

cobaltstrike backdoor pyinstaller trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

4a385102b9a0e0a2b7b951666f0b2aad.exe

Resource

win7-20231215-en

cobaltstrike backdoor trojan

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

4a385102b9a0e0a2b7b951666f0b2aad.exe

Resource

win10v2004-20231215-en

cobaltstrike backdoor trojan

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

cobaltstrike

C2

http://104.168.174.193:7777/Rpc

Attributes

user_agent
Host: outlook.live.com Accept: */* User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko)

Targets

- Target
  
  4a385102b9a0e0a2b7b951666f0b2aad
- Size
  
  8.0MB
- MD5
  
  4a385102b9a0e0a2b7b951666f0b2aad
- SHA1
  
  9ab0539260bdfa98ffcc2a41f14f8d79e01961ae
- SHA256
  
  83b50542ca7f536b98e06f8d2a6db35e09802413ea10d0234733b37a2638f75d
- SHA512
  
  e0892d47452cda546e2049c26816e6cc0971dc7a1b5c9911f46023bb85f5c8a1be1a9f11955f904f91d5a400eb196c258e808d6949f041fdfe948073c4ff2a8b
- SSDEEP
  
  196608:iipzjM+5DyUTqR+zQW9onJ5hrZEthbJMFjsEODZYih61tqKaCcJdXQA:JQUl3QW9c5hlEthyFv2ZYBLaR
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan

© 2018-2024

Terms | Privacy