cobaltstrike | b64b522a9b754bca2d34348c9d9672b6f72f0d42331dd04fd58af5b57ab70c24 | Triage

Submit
Reports

Overview

overview

Static

static

3

b64b522a9b...24.exe

windows7-x64

b64b522a9b...24.exe

windows10-2004-x64

Analysis

max time kernel
148s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
31-10-2024 08:23

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

b64b522a9b754bca2d34348c9d9672b6f72f0d42331dd04fd58af5b57ab70c24.exe

Resource

win7-20240903-en

cobaltstrike backdoor trojan

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

b64b522a9b754bca2d34348c9d9672b6f72f0d42331dd04fd58af5b57ab70c24.exe

Resource

win10v2004-20241007-en

cobaltstrike backdoor trojan

windows10-2004-x64

2 signatures

150 seconds

Report Analysis Logs

General

Target

b64b522a9b754bca2d34348c9d9672b6f72f0d42331dd04fd58af5b57ab70c24.exe
Size

19KB
MD5

208b8cd5653007e6c60d90318f87417b
SHA1

e495c9a44973dfb46721cd14a6adb1b50a16f983
SHA256

b64b522a9b754bca2d34348c9d9672b6f72f0d42331dd04fd58af5b57ab70c24
SHA512

6cd1a12d8921c86a51b3d7427ccbaaca35913b7d08048496bca6b1ee86f5c2f072d55d557ee36b42ea224447f798aa227491e45d143357706157bac52d463f23
SSDEEP

192:PV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2wnvWF8qa1Dojjgi:JqaCF31cix+Dc4zj7OFF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.136.130:1234/4rpG

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; BOIE9;PTBR)

Signatures

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike
Cobaltstrike family
cobaltstrike

Processes

C:\Users\Admin\AppData\Local\Temp\b64b522a9b754bca2d34348c9d9672b6f72f0d42331dd04fd58af5b57ab70c24.exe
"C:\Users\Admin\AppData\Local\Temp\b64b522a9b754bca2d34348c9d9672b6f72f0d42331dd04fd58af5b57ab70c24.exe"
1⤵
PID:4604

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4604-0-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download
memory/4604-1-0x0000000000400000-0x000000000040C000-memory.dmp

Filesize
48KB

Download

© 2018-2024

Terms | Privacy