cobaltstrike | f62629540d1f5d28db07432d5b4e7843fc378b25008f6b2ebf977dc37d6446a6 | Triage

Submit
Reports

Overview

overview

Static

static

f62629540d...a6.exe

windows7-x64

f62629540d...a6.exe

windows10-2004-x64

Analysis

max time kernel
149s
max time network
157s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
23-11-2024 12:45

Sharing

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

f62629540d1f5d28db07432d5b4e7843fc378b25008f6b2ebf977dc37d6446a6.exe

Resource

win7-20241023-en

cobaltstrike backdoor trojan

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

f62629540d1f5d28db07432d5b4e7843fc378b25008f6b2ebf977dc37d6446a6.exe

Resource

win10v2004-20241007-en

cobaltstrike backdoor trojan

windows10-2004-x64

2 signatures

150 seconds

Report Analysis Logs

General

Target

f62629540d1f5d28db07432d5b4e7843fc378b25008f6b2ebf977dc37d6446a6.exe
Size

112KB
MD5

31df26875f306ce305c66cfeb53b33a6
SHA1

acc46058c0980c78d4361abe0ad6190e579df9c0
SHA256

f62629540d1f5d28db07432d5b4e7843fc378b25008f6b2ebf977dc37d6446a6
SHA512

df007b68bbfdd934babd579e6d55f6469e4bc0dfd4f00a217efc4d8cf5aca48d3d17b9a364d70bc1dc4261b9798d270070481f664c7118ad03dccdf1370475ce
SSDEEP

3072:ChRWtSb0pjpbM6QiQQO4g+MxWK2o5wu1KH:aWtSb0pjpIlQO4gVxt5w3

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.137.6:80/aca8

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; NP08; MAAU; NP08)

Signatures

Cobaltstrike
Detected malicious payload which is part of Cobaltstrike.
trojan backdoor cobaltstrike
Cobaltstrike family
cobaltstrike

Processes

C:\Users\Admin\AppData\Local\Temp\f62629540d1f5d28db07432d5b4e7843fc378b25008f6b2ebf977dc37d6446a6.exe
"C:\Users\Admin\AppData\Local\Temp\f62629540d1f5d28db07432d5b4e7843fc378b25008f6b2ebf977dc37d6446a6.exe"
1⤵
PID:4232

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4232-0-0x000001EE7EBB0000-0x000001EE7EBB1000-memory.dmp

Filesize
4KB

Download

© 2018-2025

Terms | Privacy