cobaltstrike | c76123f9b3ffb4c9da8a5e70e0ba45fa0a8a0760f84ff8c38ed2f7eb37f73dae | Triage

Analysis

max time kernel
117s
max time network
117s
platform
windows7_x64
resource
win7-20240215-en
resource tags

arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
submitted
18/04/2024, 02:23

Sharing

Report Analysis Logs

General

Target

c76123f9b3ffb4c9da8a5e70e0ba45fa0a8a0760f84ff8c38ed2f7eb37f73dae.dll
Size

270KB
MD5

6ab6084c5b47459f03b90f6c1bdd850d
SHA1

023f004f20473aa73d406efe1eacfac20860673c
SHA256

c76123f9b3ffb4c9da8a5e70e0ba45fa0a8a0760f84ff8c38ed2f7eb37f73dae
SHA512

53e4627bbbda6ad96928bcabc947ac406525401494bfa5d3f77052671572acbdf6db29f7c46cf9ecd2b27e7c03a434a11a27fd606acc0c9e2bd9a492da987484
SSDEEP

3072:rzbINhWl+CIbfqqEVxtfg8jtfDCJS4l9JTFyG+JteEzCnL7z+GIkfhUYJF6vzHks:rzbUWootfDCvT4ZTXzCLdIk5UDvrKM

Score

10^/10

cobaltstrike 0 backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

Botnet

0

Attributes

watermark
0

Signatures

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\c76123f9b3ffb4c9da8a5e70e0ba45fa0a8a0760f84ff8c38ed2f7eb37f73dae.dll,#1
1⤵
PID:384

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/384-0-0x00000000003B0000-0x0000000000402000-memory.dmp

Filesize
328KB

Download