cobaltstrike | 37ac8899bcfde74f86a6b5eaaa43ff956db8cc8f8f13e9c9116f97b3c7ff4180 | Triage

Submit
Reports

Overview

overview

Static

static

3

37ac8899bc...80.exe

windows7-x64

37ac8899bc...80.exe

windows10-2004-x64

Sharing

General

Target

37ac8899bcfde74f86a6b5eaaa43ff956db8cc8f8f13e9c9116f97b3c7ff4180
Size

19KB
Sample

240628-melv4axapl
MD5

d191d05e191ed855382e331e07379c1a
SHA1

a0a6d79d09c3fcb12c8017e3a43fe3e3f39857a5
SHA256

37ac8899bcfde74f86a6b5eaaa43ff956db8cc8f8f13e9c9116f97b3c7ff4180
SHA512

e76be387dd794ea704a52b8a734a433dfbb83189053e4681cbcb665dcf77e30d33b1e7f9a9a7770bd8ccdf4bee5ed02144403bba054ffbc656906cd6570ef11c
SSDEEP

192:VV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/29CqWF8qa1Dojjgi:3qaCF31cix+Dc4zjgCzFF46gi

Score

10^/10

cobaltstrike backdoor trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

37ac8899bcfde74f86a6b5eaaa43ff956db8cc8f8f13e9c9116f97b3c7ff4180.exe

Resource

win7-20240611-en

cobaltstrike backdoor trojan

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

37ac8899bcfde74f86a6b5eaaa43ff956db8cc8f8f13e9c9116f97b3c7ff4180.exe

Resource

win10v2004-20240508-en

cobaltstrike backdoor trojan

windows10-2004-x64

1 signatures

150 seconds

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.79.128:8877/4uEo

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows Phone OS 7.5; Trident/5.0; IEMobile/9.0; LG; LG-E906)

Targets

- Target
  
  37ac8899bcfde74f86a6b5eaaa43ff956db8cc8f8f13e9c9116f97b3c7ff4180
- Size
  
  19KB
- MD5
  
  d191d05e191ed855382e331e07379c1a
- SHA1
  
  a0a6d79d09c3fcb12c8017e3a43fe3e3f39857a5
- SHA256
  
  37ac8899bcfde74f86a6b5eaaa43ff956db8cc8f8f13e9c9116f97b3c7ff4180
- SHA512
  
  e76be387dd794ea704a52b8a734a433dfbb83189053e4681cbcb665dcf77e30d33b1e7f9a9a7770bd8ccdf4bee5ed02144403bba054ffbc656906cd6570ef11c
- SSDEEP
  
  192:VV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/29CqWF8qa1Dojjgi:3qaCF31cix+Dc4zjgCzFF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan

© 2018-2024

Terms | Privacy