cobaltstrike | ea4f06ccea1219dc39299afeb22eea3a2e2cbf8ca13b4d22bbcf3e5dde91d780 | Triage

Submit
Reports

Overview

overview

Static

static

3

ea4f06ccea...80.exe

windows7-x64

ea4f06ccea...80.exe

windows10-2004-x64

Sharing

General

Target

ea4f06ccea1219dc39299afeb22eea3a2e2cbf8ca13b4d22bbcf3e5dde91d780
Size

19KB
Sample

240630-lb9x3syfpk
MD5

baf284515fd1e008de905653576ba26a
SHA1

6c8ab2c8be44d39d84ab1a6d9a5bdc0079ba96f1
SHA256

ea4f06ccea1219dc39299afeb22eea3a2e2cbf8ca13b4d22bbcf3e5dde91d780
SHA512

74e1a31698488439978a3f06487634626a4a581532cf4db58af9a87a08cc4824d2e8a08e2fb023637b4ff65dfdbad6acab69cc78786e18c4d7e3d413dd5ffd6b
SSDEEP

192:nV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/25V5lRCnUWF8qa1Dojjgi:RqaCF31cix+Dc4zjwVhChFF46gi

Score

10^/10

cobaltstrike backdoor trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

ea4f06ccea1219dc39299afeb22eea3a2e2cbf8ca13b4d22bbcf3e5dde91d780.exe

Resource

win7-20240611-en

cobaltstrike backdoor trojan

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

ea4f06ccea1219dc39299afeb22eea3a2e2cbf8ca13b4d22bbcf3e5dde91d780.exe

Resource

win10v2004-20240611-en

cobaltstrike backdoor trojan

windows10-2004-x64

1 signatures

150 seconds

Malware Config

Extracted

Family

cobaltstrike

C2

http://116.204.24.189:8888/MqQN

Attributes

user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; 360space)

Targets

- Target
  
  ea4f06ccea1219dc39299afeb22eea3a2e2cbf8ca13b4d22bbcf3e5dde91d780
- Size
  
  19KB
- MD5
  
  baf284515fd1e008de905653576ba26a
- SHA1
  
  6c8ab2c8be44d39d84ab1a6d9a5bdc0079ba96f1
- SHA256
  
  ea4f06ccea1219dc39299afeb22eea3a2e2cbf8ca13b4d22bbcf3e5dde91d780
- SHA512
  
  74e1a31698488439978a3f06487634626a4a581532cf4db58af9a87a08cc4824d2e8a08e2fb023637b4ff65dfdbad6acab69cc78786e18c4d7e3d413dd5ffd6b
- SSDEEP
  
  192:nV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/25V5lRCnUWF8qa1Dojjgi:RqaCF31cix+Dc4zjwVhChFF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan

© 2018-2024

Terms | Privacy