cobaltstrike | 224118e672ac880e74e7469a1d75909446c34f3233b963db15cfb4193b022200 | Triage

Submit
Reports

Overview

overview

Static

static

3

224118e672...cs.exe

windows7-x64

224118e672...cs.exe

windows10-2004-x64

Sharing

General

Target

224118e672ac880e74e7469a1d75909446c34f3233b963db15cfb4193b022200_NeikiAnalytics.exe
Size

19KB
Sample

240630-29x9yasbln
MD5

c28185dd8c25a1b0d505ab9ed629ea40
SHA1

7db37445694a8944b585458afe72d734167f48aa
SHA256

224118e672ac880e74e7469a1d75909446c34f3233b963db15cfb4193b022200
SHA512

d8652f48ff2976a26dfb0eaf2ea69d1c5ffda440b7a4414c4acc0b4d26ab4a4db777f27458a09d7f9cda6d531e6c5d6d7738995ae11a84f713dd4b714acfd904
SSDEEP

192:aV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2hciWF8qa1Dojjgi:0qaCF31cix+Dc4zjTFF46gi

Score

10^/10

cobaltstrike backdoor trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

224118e672ac880e74e7469a1d75909446c34f3233b963db15cfb4193b022200_NeikiAnalytics.exe

Resource

win7-20240611-en

cobaltstrike backdoor trojan

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

224118e672ac880e74e7469a1d75909446c34f3233b963db15cfb4193b022200_NeikiAnalytics.exe

Resource

win10v2004-20240508-en

cobaltstrike backdoor trojan

windows10-2004-x64

1 signatures

150 seconds

Malware Config

Extracted

Family

cobaltstrike

C2

http://47.113.227.139:80/MKrS

Attributes

user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0)

Targets

- Target
  
  224118e672ac880e74e7469a1d75909446c34f3233b963db15cfb4193b022200_NeikiAnalytics.exe
- Size
  
  19KB
- MD5
  
  c28185dd8c25a1b0d505ab9ed629ea40
- SHA1
  
  7db37445694a8944b585458afe72d734167f48aa
- SHA256
  
  224118e672ac880e74e7469a1d75909446c34f3233b963db15cfb4193b022200
- SHA512
  
  d8652f48ff2976a26dfb0eaf2ea69d1c5ffda440b7a4414c4acc0b4d26ab4a4db777f27458a09d7f9cda6d531e6c5d6d7738995ae11a84f713dd4b714acfd904
- SSDEEP
  
  192:aV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2hciWF8qa1Dojjgi:0qaCF31cix+Dc4zjTFF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan

© 2018-2024

Terms | Privacy