cobaltstrike | c7a71cb8d400bb2c759d9f24e79f510e03b93ef47ee314d814b6b8e24bd9ff43 | Triage

Submit
Reports

Overview

overview

Static

static

3

c7a71cb8d4...43.exe

windows7-x64

c7a71cb8d4...43.exe

windows10-2004-x64

Sharing

General

Target

c7a71cb8d400bb2c759d9f24e79f510e03b93ef47ee314d814b6b8e24bd9ff43.exe
Size

3.0MB
Sample

240519-qjnf9sad21
MD5

ff55424fd0a002f1dcd062d35b5c6a30
SHA1

6566a4b9c07adc2466ad59b8b5fe654f68db59de
SHA256

c7a71cb8d400bb2c759d9f24e79f510e03b93ef47ee314d814b6b8e24bd9ff43
SHA512

fc9caf39695b3914943ff3ac4a5224e7b578ed5663d732d33b439ecd29c3e7d6fbed706e52643aa32de34aa518a5f8fd083c387fbe981ae73035df8cc549f156
SSDEEP

98304:8yzruaI6HMaJTtGbS02tWCRqedk/n0Agwf8j6NfJIDv:8PaI6HMaJTtGbQECRl2Ewf8jaC7

Score

10^/10

cobaltstrike backdoor pyinstaller trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

c7a71cb8d400bb2c759d9f24e79f510e03b93ef47ee314d814b6b8e24bd9ff43.exe

Resource

win7-20240221-en

cobaltstrike backdoor trojan

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

c7a71cb8d400bb2c759d9f24e79f510e03b93ef47ee314d814b6b8e24bd9ff43.exe

Resource

win10v2004-20240226-en

cobaltstrike backdoor trojan

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

cobaltstrike

C2

http://124.70.99.224:2231/xu79

Attributes

user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET4.0C; .NET4.0E)

Targets

- Target
  
  c7a71cb8d400bb2c759d9f24e79f510e03b93ef47ee314d814b6b8e24bd9ff43.exe
- Size
  
  3.0MB
- MD5
  
  ff55424fd0a002f1dcd062d35b5c6a30
- SHA1
  
  6566a4b9c07adc2466ad59b8b5fe654f68db59de
- SHA256
  
  c7a71cb8d400bb2c759d9f24e79f510e03b93ef47ee314d814b6b8e24bd9ff43
- SHA512
  
  fc9caf39695b3914943ff3ac4a5224e7b578ed5663d732d33b439ecd29c3e7d6fbed706e52643aa32de34aa518a5f8fd083c387fbe981ae73035df8cc549f156
- SSDEEP
  
  98304:8yzruaI6HMaJTtGbS02tWCRqedk/n0Agwf8j6NfJIDv:8PaI6HMaJTtGbQECRl2Ewf8jaC7
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan

© 2018-2024

Terms | Privacy