cobaltstrike | 16abd02a0113514424fbb4125f4281bfaf70bb142a3468897cd968efabe365e0 | Triage

Submit
Reports

Overview

overview

Static

static

3

75292b4dda...0N.exe

windows7-x64

75292b4dda...0N.exe

windows10-2004-x64

1

Analysis

max time kernel
81s
max time network
82s
platform
windows7_x64
resource
win7-20240704-en
resource tags

arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system
submitted
26/07/2024, 04:39

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

75292b4ddac45b59a755a45941196f30N.exe

Resource

win7-20240704-en

cobaltstrike backdoor trojan

windows7-x64

1 signatures

120 seconds

Behavioral task

behavioral2

Sample

75292b4ddac45b59a755a45941196f30N.exe

Resource

win10v2004-20240704-en

windows10-2004-x64

0 signatures

120 seconds

Report Analysis Logs

General

Target

75292b4ddac45b59a755a45941196f30N.exe
Size

14KB
MD5

75292b4ddac45b59a755a45941196f30
SHA1

d55bd27291b0d7c585635c39505bacb411994106
SHA256

16abd02a0113514424fbb4125f4281bfaf70bb142a3468897cd968efabe365e0
SHA512

954baf6b6ebe3b45866df3f444e24046c2e487841c860728f928f3b18e887bd24bab03f5d1eeb1ee7336d4328bd0aa8ab6db3e747e92da4cf0fbced0057ff182
SSDEEP

192:Jzfzes4S4APjehyvBNNTqwYlU/w4/SBVdU3e3Q5tfwc4Gs:9imT2yGlUNSrL32

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://154.204.178.55:5555/njCB

Attributes

user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)

Signatures

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

Processes

C:\Users\Admin\AppData\Local\Temp\75292b4ddac45b59a755a45941196f30N.exe
"C:\Users\Admin\AppData\Local\Temp\75292b4ddac45b59a755a45941196f30N.exe"
1⤵
PID:2324

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2324-0-0x0000000000400000-0x0000000000501000-memory.dmp

Filesize
1.0MB

Download

© 2018-2025

Terms | Privacy