cobaltstrike | 24bc3419ed40e5dcc4b96bc41e6bf43763ec5442d465b681e19a32686d025226 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

24bc3419ed...26.exe

windows7-x64

24bc3419ed...26.exe

windows10-2004-x64

Sharing

General

Target

24bc3419ed40e5dcc4b96bc41e6bf43763ec5442d465b681e19a32686d025226
Size

477KB
Sample

240409-xlzewaee29
MD5

d56f6219a261d4738c459aea2c5a86e9
SHA1

7c0bbd32d14fcc7dc99a9fd004c761d1a12290f5
SHA256

24bc3419ed40e5dcc4b96bc41e6bf43763ec5442d465b681e19a32686d025226
SHA512

cda623f402d468cbbf1ecc30df563d4f3c56697cb71f5093de6a37d392adecc32f2771c538c097ea108c1bbbc5f6caf191387e9ef9664a5cc2005f4611f71efd
SSDEEP

12288:mCYtNDwqkXJAe4Q5oWqZPVyGDEQPJlhPVMq9QbPF7Nw:v8Dpte4Q9gtyGIkvhtMbU

Score

10^/10

cobaltstrike backdoor trojan upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

24bc3419ed40e5dcc4b96bc41e6bf43763ec5442d465b681e19a32686d025226.exe

Resource

win7-20240221-en

cobaltstrike backdoor trojan upx

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

24bc3419ed40e5dcc4b96bc41e6bf43763ec5442d465b681e19a32686d025226.exe

Resource

win10v2004-20240226-en

cobaltstrike backdoor trojan upx

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

cobaltstrike

C2

http://:0

Targets

- Target
  
  24bc3419ed40e5dcc4b96bc41e6bf43763ec5442d465b681e19a32686d025226
- Size
  
  477KB
- MD5
  
  d56f6219a261d4738c459aea2c5a86e9
- SHA1
  
  7c0bbd32d14fcc7dc99a9fd004c761d1a12290f5
- SHA256
  
  24bc3419ed40e5dcc4b96bc41e6bf43763ec5442d465b681e19a32686d025226
- SHA512
  
  cda623f402d468cbbf1ecc30df563d4f3c56697cb71f5093de6a37d392adecc32f2771c538c097ea108c1bbbc5f6caf191387e9ef9664a5cc2005f4611f71efd
- SSDEEP
  
  12288:mCYtNDwqkXJAe4Q5oWqZPVyGDEQPJlhPVMq9QbPF7Nw:v8Dpte4Q9gtyGIkvhtMbU
Score

10^/10

cobaltstrike backdoor trojan upx
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
- UPX dump on OEP (original entry point)
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojanupx

behavioral2

cobaltstrikebackdoortrojanupx

© 2018-2025

Terms | Privacy