cobaltstrike | 8db4146a8366dd6927f3ee74c1e1c311ea3d931a177015ff5ae3a8c165b383e3 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

ac5c3fb73b...40.dll

windows7-x64

ac5c3fb73b...40.dll

windows10-2004-x64

Analysis

max time kernel
93s
max time network
139s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
20/09/2024, 16:01

Sharing

Static task

static1

391144938 cobaltstrike

2 signatures

Behavioral task

behavioral1

Sample

ac5c3fb73b8cbeb67efd43a7dbb284ea5bc776641d14fc155b0fe0dae3440640.dll

Resource

win7-20240903-en

cobaltstrike 0 backdoor trojan

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

ac5c3fb73b8cbeb67efd43a7dbb284ea5bc776641d14fc155b0fe0dae3440640.dll

Resource

win10v2004-20240802-en

cobaltstrike 0 backdoor trojan

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

ac5c3fb73b8cbeb67efd43a7dbb284ea5bc776641d14fc155b0fe0dae3440640.dll
Size

272KB
MD5

d9487d281422d6bfd47a3465a53662ed
SHA1

86a65c81b8a7f1247a9fc2053a9836c12d8f69f8
SHA256

ac5c3fb73b8cbeb67efd43a7dbb284ea5bc776641d14fc155b0fe0dae3440640
SHA512

3c8110c90e2add98e75c467df96b4858a9689ac9984633bf2da49ae88d8be44da3c6c083c36afd6f8284030d7b8951d5f5e12d2cb3632b33f151a6b9da736a91
SSDEEP

3072:rzbINhWl+CIbfqqEVxtfg8jtfDCJS4l9JTFyG+JteEzCnL7zxGIkfhUYJF6vzHkM:rzbUWootfDCvT4ZTXzCLcIk5UDnrKM

Score

10^/10

cobaltstrike 0 backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

Botnet

0

Attributes

watermark
0

Signatures

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\ac5c3fb73b8cbeb67efd43a7dbb284ea5bc776641d14fc155b0fe0dae3440640.dll,#1
1⤵
PID:1668

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1668-0-0x000001A4AAC70000-0x000001A4AACC2000-memory.dmp

Filesize
328KB

Download

© 2018-2025

Terms | Privacy