cobaltstrike | 721041a2c612ee5f758802265c8a93d1f6531badc6748784d5f2643062f52e74 | Triage

Submit
Reports

Overview

overview

Static

static

3

721041a2c6...74.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

721041a2c612ee5f758802265c8a93d1f6531badc6748784d5f2643062f52e74
Size

9.0MB
Sample

250518-ktts5sgr5v
MD5

57f22956354cd8fd62aa0f7c06d5b085
SHA1

8e9a753eb3bb14747152bb3526358934dd552178
SHA256

721041a2c612ee5f758802265c8a93d1f6531badc6748784d5f2643062f52e74
SHA512

a53cbdb0af134adf6926685d0f6b1e3b192275cee7326e755adde2fdebc0d00bb5b1ac55d9965e6fc90eee20771878694857b5758ad29ed43a6f2be358d26eb7
SSDEEP

196608:0w1qWQ3eYV/XO21W903eV4Q2tpDjIIAcwDUk2RPBv/k9jpIL:U3e6+cW+eGQi9joURWu

Score

10^/10

cobaltstrike backdoor pyinstaller trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

721041a2c612ee5f758802265c8a93d1f6531badc6748784d5f2643062f52e74.exe

Resource

win10v2004-20250502-en

cobaltstrike backdoor trojan

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.3.249:80/1auV

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; WOW64; Trident/5.0)

Targets

- Target
  
  721041a2c612ee5f758802265c8a93d1f6531badc6748784d5f2643062f52e74
- Size
  
  9.0MB
- MD5
  
  57f22956354cd8fd62aa0f7c06d5b085
- SHA1
  
  8e9a753eb3bb14747152bb3526358934dd552178
- SHA256
  
  721041a2c612ee5f758802265c8a93d1f6531badc6748784d5f2643062f52e74
- SHA512
  
  a53cbdb0af134adf6926685d0f6b1e3b192275cee7326e755adde2fdebc0d00bb5b1ac55d9965e6fc90eee20771878694857b5758ad29ed43a6f2be358d26eb7
- SSDEEP
  
  196608:0w1qWQ3eYV/XO21W903eV4Q2tpDjIIAcwDUk2RPBv/k9jpIL:U3e6+cW+eGQi9joURWu
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
- Cobaltstrike family
  cobaltstrike
- Loads dropped DLL
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

© 2018-2025

Terms | Privacy

	
		OSZAR »