cobaltstrike | c7d6c91b88c14689bd8893a74905a397a818be259d6130119f9c1fc93a15800b | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

c7d6c91b88...0b.exe

windows7-x64

7

c7d6c91b88...0b.exe

windows10-2004-x64

Sharing

General

Target

c7d6c91b88c14689bd8893a74905a397a818be259d6130119f9c1fc93a15800b
Size

13.2MB
Sample

240913-vjss7sxhnk
MD5

8397a9c147280ef62c9bf26656d5fe04
SHA1

ae7631b7a833aa832e7f6bc28af23495a18086b6
SHA256

c7d6c91b88c14689bd8893a74905a397a818be259d6130119f9c1fc93a15800b
SHA512

5a8b376e4ac77090456781520bfc91fa10c8da30537955ee1fda988d5f4a9a4c5db70bfe334d103650d32448e2f8fb8ec164a733c7f80a4d5eb9dbd5f86b0a71
SSDEEP

393216:Vn9xXszf490URCcLsfOvrWz8sq3+d9NDSyW8E0ZvA:t9xXszfm0URCdOT2UOd9NfW8E0FA

Score

10^/10

cobaltstrike backdoor pyinstaller trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

c7d6c91b88c14689bd8893a74905a397a818be259d6130119f9c1fc93a15800b.exe

Resource

win7-20240903-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

c7d6c91b88c14689bd8893a74905a397a818be259d6130119f9c1fc93a15800b.exe

Resource

win10v2004-20240802-en

cobaltstrike backdoor trojan

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

cobaltstrike

C2

http://116.62.50.132:6667/jquery-3.3.2.slim.min.js

Attributes

user_agent
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Referer: http://code.jquery.com/ Accept-Encoding: gzip, deflate User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Edg/114

Targets

- Target
  
  c7d6c91b88c14689bd8893a74905a397a818be259d6130119f9c1fc93a15800b
- Size
  
  13.2MB
- MD5
  
  8397a9c147280ef62c9bf26656d5fe04
- SHA1
  
  ae7631b7a833aa832e7f6bc28af23495a18086b6
- SHA256
  
  c7d6c91b88c14689bd8893a74905a397a818be259d6130119f9c1fc93a15800b
- SHA512
  
  5a8b376e4ac77090456781520bfc91fa10c8da30537955ee1fda988d5f4a9a4c5db70bfe334d103650d32448e2f8fb8ec164a733c7f80a4d5eb9dbd5f86b0a71
- SSDEEP
  
  393216:Vn9xXszf490URCcLsfOvrWz8sq3+d9NDSyW8E0ZvA:t9xXszfm0URCdOT2UOd9NfW8E0FA
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

cobaltstrikebackdoortrojan

© 2018-2025

Terms | Privacy