cobaltstrike | 79df8ba3ac8244ae5913e58a5a356a452716e0e7ec3a17f1ebb5a77b1edd5fa7 | Triage

Submit
Reports

Overview

overview

Static

static

3

79df8ba3ac...cs.exe

windows7-x64

79df8ba3ac...cs.exe

windows10-2004-x64

Sharing

General

Target

79df8ba3ac8244ae5913e58a5a356a452716e0e7ec3a17f1ebb5a77b1edd5fa7_NeikiAnalytics.exe
Size

577KB
Sample

240624-qse69axhnm
MD5

531daf6994c00e425a4e35c9e0408620
SHA1

5f35b5d31913fff208769687c2cb08d0b6eaf26f
SHA256

79df8ba3ac8244ae5913e58a5a356a452716e0e7ec3a17f1ebb5a77b1edd5fa7
SHA512

ae1217a519153a78de8e1673a7da4a96badf9d5adde3f1e19f5b636ec566dfc62fd6c30dab6ebad68e584174d5dee5cb5895ba0c6bd28dcffa1a409eb9dd5d9e
SSDEEP

12288:VA3rjjCzCctsGvHLVwk3Ta77Hp0fWAUmBkmrNUHvYFLdqoJf:u/CCctT5KHvYFLdqoJf

Score

10^/10

cobaltstrike backdoor trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

79df8ba3ac8244ae5913e58a5a356a452716e0e7ec3a17f1ebb5a77b1edd5fa7_NeikiAnalytics.exe

Resource

win7-20240508-en

cobaltstrike backdoor trojan

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

79df8ba3ac8244ae5913e58a5a356a452716e0e7ec3a17f1ebb5a77b1edd5fa7_NeikiAnalytics.exe

Resource

win10v2004-20240611-en

cobaltstrike backdoor trojan

windows10-2004-x64

1 signatures

150 seconds

Malware Config

Extracted

Family

cobaltstrike

C2

http://47.116.211.29:7777/f5vL

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; BOIE9;PTBR)

Targets

- Target
  
  79df8ba3ac8244ae5913e58a5a356a452716e0e7ec3a17f1ebb5a77b1edd5fa7_NeikiAnalytics.exe
- Size
  
  577KB
- MD5
  
  531daf6994c00e425a4e35c9e0408620
- SHA1
  
  5f35b5d31913fff208769687c2cb08d0b6eaf26f
- SHA256
  
  79df8ba3ac8244ae5913e58a5a356a452716e0e7ec3a17f1ebb5a77b1edd5fa7
- SHA512
  
  ae1217a519153a78de8e1673a7da4a96badf9d5adde3f1e19f5b636ec566dfc62fd6c30dab6ebad68e584174d5dee5cb5895ba0c6bd28dcffa1a409eb9dd5d9e
- SSDEEP
  
  12288:VA3rjjCzCctsGvHLVwk3Ta77Hp0fWAUmBkmrNUHvYFLdqoJf:u/CCctT5KHvYFLdqoJf
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan

© 2018-2024

Terms | Privacy