cobaltstrike | cf0f1bc3fdf4dcb588e2eb46094c322cc712b0fd2e12cc01d012ec370fae05e9 | Triage

Sharing

General

Target

Employee-Bonus.exe
Size

1.3MB
Sample

210226-1snxvx6jrx
MD5

8800f7a212d1f4168117de53bd6ef5cc
SHA1

9a935b32758853838da0ed5eca3873d555f95c16
SHA256

cf0f1bc3fdf4dcb588e2eb46094c322cc712b0fd2e12cc01d012ec370fae05e9
SHA512

1051cd8c7441d171f51ac3822417bb743060e8f008bacfe46b65b5167a3afbfa320cbcae8841a69156ffcfc3fc7cfa2cbc5a5b5069d5686fa9e63b5e5789a9ad

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

Version

windows/download_exec

C2

http://jumpbill.com:443/image-directory/eso.jpg

Targets

- Target
  
  Employee-Bonus.exe
- Size
  
  1.3MB
- MD5
  
  8800f7a212d1f4168117de53bd6ef5cc
- SHA1
  
  9a935b32758853838da0ed5eca3873d555f95c16
- SHA256
  
  cf0f1bc3fdf4dcb588e2eb46094c322cc712b0fd2e12cc01d012ec370fae05e9
- SHA512
  
  1051cd8c7441d171f51ac3822417bb743060e8f008bacfe46b65b5167a3afbfa320cbcae8841a69156ffcfc3fc7cfa2cbc5a5b5069d5686fa9e63b5e5789a9ad
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan