cobaltstrike | 333fb959712e2398f655636fba60ccf5faffb24f72da83e1167b3675bb0227e2 | Triage

Analysis

max time kernel
126s
max time network
136s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
26-09-2024 16:45

Sharing

Report Analysis Logs

General

Target

333fb959712e2398f655636fba60ccf5faffb24f72da83e1167b3675bb0227e2.exe
Size

908KB
MD5

a2ad26a26fd00666c114c508ee3294c3
SHA1

4a94b02a63a2083d3052f5741fdfbee8a8f32941
SHA256

333fb959712e2398f655636fba60ccf5faffb24f72da83e1167b3675bb0227e2
SHA512

1a3938c3346d24ad7164390bbf00d3f0b6d6f38dec39db10ad01d2cb600f4c0683cd80704c72cd0d7d3d5ca97fd4883620753bbd78ead766d7ab0253aa88d884
SSDEEP

12288:YFXWYsG/ubhoTFN9CjHhoNYIjNCAeyxyxsKWEw/eu:aXWY3GtoTFLCjHGYS8AeNstEwZ

Score

10^/10

cobaltstrike 0 backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

Botnet

0

Attributes

watermark
0

Signatures

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike

C:\Users\Admin\AppData\Local\Temp\333fb959712e2398f655636fba60ccf5faffb24f72da83e1167b3675bb0227e2.exe
"C:\Users\Admin\AppData\Local\Temp\333fb959712e2398f655636fba60ccf5faffb24f72da83e1167b3675bb0227e2.exe"
1⤵
PID:620

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/620-0-0x0000000000420000-0x00000000004A0000-memory.dmp

Filesize
512KB

Download
memory/620-1-0x0000000000420000-0x00000000004A0000-memory.dmp

Filesize
512KB

Download
memory/620-2-0x00000000001F0000-0x000000000023F000-memory.dmp

Filesize
316KB

Download
memory/620-3-0x00000000001F0000-0x000000000023F000-memory.dmp

Filesize
316KB

Download