cobaltstrike | be539a6aacf06ef38497d3adc4837c74b6dd28a2a57c4e98e29f2d89fd9b8921 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

aa.exe

windows10-2004-x64

Sharing

General

Target

aa.exe
Size

19KB
Sample

240906-a6hljaxaqn
MD5

95e7c07f6c76a4bd65f911c2532077a0
SHA1

b8d315964cbd4211938c4474fd1bf53588408af2
SHA256

be539a6aacf06ef38497d3adc4837c74b6dd28a2a57c4e98e29f2d89fd9b8921
SHA512

ae4963c10dc70b4a80288b9100c07d23e3d6231e60f30483aa5279ab2d9c49b7f35e02604a1d76e04ea07b1afa1111db34e721bae4cd107c6d5e374bcc6c21db
SSDEEP

192:AV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2W8iXsGWF8qa1Dojjgi:iqaCF31cix+Dc4zjh8i83FF46gi

Score

10^/10

cobaltstrike backdoor discovery trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

aa.exe

Resource

win10v2004-20240802-en

cobaltstrike backdoor discovery trojan

windows10-2004-x64

12 signatures

1800 seconds

Malware Config

Extracted

Family

cobaltstrike

C2

http://130.61.59.1:80/9fjT

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0; MASP)

Targets

- Target
  
  aa.exe
- Size
  
  19KB
- MD5
  
  95e7c07f6c76a4bd65f911c2532077a0
- SHA1
  
  b8d315964cbd4211938c4474fd1bf53588408af2
- SHA256
  
  be539a6aacf06ef38497d3adc4837c74b6dd28a2a57c4e98e29f2d89fd9b8921
- SHA512
  
  ae4963c10dc70b4a80288b9100c07d23e3d6231e60f30483aa5279ab2d9c49b7f35e02604a1d76e04ea07b1afa1111db34e721bae4cd107c6d5e374bcc6c21db
- SSDEEP
  
  192:AV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2W8iXsGWF8qa1Dojjgi:iqaCF31cix+Dc4zjh8i83FF46gi
Score

10^/10

cobaltstrike backdoor discovery trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
- Drops file in System32 directory
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Browser Information Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

cobaltstrikebackdoordiscoverytrojan

© 2018-2025

Terms | Privacy