cobaltstrike | 7f268f270af2bc87840bb89758dda61e73df5166fac1a0946b8c6322cb13f463 | Triage

Submit
Reports

Overview

overview

Static

static

3

7f268f270a...63.exe

windows7-x64

7f268f270a...63.exe

windows10-2004-x64

Sharing

General

Target

7f268f270af2bc87840bb89758dda61e73df5166fac1a0946b8c6322cb13f463
Size

3.6MB
Sample

240626-2anlfszfkn
MD5

72cf43e4c7af5cab216c40461fff80f5
SHA1

bd0a07df283d22301e4152bbd09f657fc8cc7238
SHA256

7f268f270af2bc87840bb89758dda61e73df5166fac1a0946b8c6322cb13f463
SHA512

6a8f8d96fbb68372dbad3f4a3f4adb7b3c513d2fb12fef739f55a2743cfaf4c4388672dcb4e9fe9acf2644fe2369ab8ac1791d42bf839b5c5f78589798e55fe1
SSDEEP

98304:vMWFK+EW84cufR5N15QhU5pyl/fuYdGGtxFZKUWXI0J:vrA4cufR5v5QhmGuVaxFZKUWY0

Score

10^/10

cobaltstrike backdoor pyinstaller trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

7f268f270af2bc87840bb89758dda61e73df5166fac1a0946b8c6322cb13f463.exe

Resource

win7-20240221-en

cobaltstrike backdoor trojan

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

7f268f270af2bc87840bb89758dda61e73df5166fac1a0946b8c6322cb13f463.exe

Resource

win10v2004-20240508-en

cobaltstrike backdoor trojan

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Extracted

Family

cobaltstrike

C2

http://101.35.173.226:10890/V1hn

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0; MDDCJS)

Targets

- Target
  
  7f268f270af2bc87840bb89758dda61e73df5166fac1a0946b8c6322cb13f463
- Size
  
  3.6MB
- MD5
  
  72cf43e4c7af5cab216c40461fff80f5
- SHA1
  
  bd0a07df283d22301e4152bbd09f657fc8cc7238
- SHA256
  
  7f268f270af2bc87840bb89758dda61e73df5166fac1a0946b8c6322cb13f463
- SHA512
  
  6a8f8d96fbb68372dbad3f4a3f4adb7b3c513d2fb12fef739f55a2743cfaf4c4388672dcb4e9fe9acf2644fe2369ab8ac1791d42bf839b5c5f78589798e55fe1
- SSDEEP
  
  98304:vMWFK+EW84cufR5N15QhU5pyl/fuYdGGtxFZKUWXI0J:vrA4cufR5v5QhmGuVaxFZKUWY0
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan

© 2018-2024

Terms | Privacy