cobaltstrike | cd5497bf5d51f20d474becc980fdfdb6e12e95e1838254e7c62b455a6d9b0b3f | Triage

Submit
Reports

Overview

overview

Static

static

3

cd5497bf5d...3f.exe

windows7-x64

cd5497bf5d...3f.exe

windows10-2004-x64

Analysis

max time kernel
147s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
23-11-2024 07:23

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

cd5497bf5d51f20d474becc980fdfdb6e12e95e1838254e7c62b455a6d9b0b3f.exe

Resource

win7-20241010-en

cobaltstrike backdoor trojan

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

cd5497bf5d51f20d474becc980fdfdb6e12e95e1838254e7c62b455a6d9b0b3f.exe

Resource

win10v2004-20241007-en

cobaltstrike backdoor trojan

windows10-2004-x64

2 signatures

150 seconds

Report Analysis Logs

General

Target

cd5497bf5d51f20d474becc980fdfdb6e12e95e1838254e7c62b455a6d9b0b3f.exe
Size

108KB
MD5

384e451e56f1c086ab3787b3967fa9fa
SHA1

adc98a1c928e33f6c3255b7c93e171d3c96806cb
SHA256

cd5497bf5d51f20d474becc980fdfdb6e12e95e1838254e7c62b455a6d9b0b3f
SHA512

4615f7df00310773d7cfd521b48140324d37d15896e8b5ed5e9c6712bcc7273ab04b8f479434775ec35ea1c11590978cdecc17aa0e54a47fa244ef65acb02699
SSDEEP

1536:sTjDePg5HPjVAJ49h0UsbyTpScxWRg0qabhfBx+c6isWQdk9dlJJX8sv:iFJAGr6by9lxWRHqab1L+V9cnJL

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.1.6:80/fR4q

Attributes

user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727)

Signatures

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike
Cobaltstrike family
cobaltstrike

Processes

C:\Users\Admin\AppData\Local\Temp\cd5497bf5d51f20d474becc980fdfdb6e12e95e1838254e7c62b455a6d9b0b3f.exe
"C:\Users\Admin\AppData\Local\Temp\cd5497bf5d51f20d474becc980fdfdb6e12e95e1838254e7c62b455a6d9b0b3f.exe"
1⤵
PID:1984

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1984-1-0x00000234F35D0000-0x00000234F35D1000-memory.dmp

Filesize
4KB

Download
memory/1984-0-0x00000234F35D0000-0x00000234F35D1000-memory.dmp

Filesize
4KB

Download

© 2018-2025

Terms | Privacy