cobaltstrike | 6b9b5df993a38ebb2fa3eba4c26686b49aa57ec577902222225058a02284170e | Triage

Sharing

General

Target

Employee Annual Report.exe
Size

287KB
Sample

210227-55dqenaj1a
MD5

e0aeb91c1768b663b70adfc418512cbc
SHA1

9c8de5c9ee4ccc7d8ca046b62f2fc55fdcae89f6
SHA256

6b9b5df993a38ebb2fa3eba4c26686b49aa57ec577902222225058a02284170e
SHA512

14c505cfe4b0a65454f196ee42e32d6f263056694ead5c8787aa3efe921d2885df58676196e9f4315869dc1283cf9be4dad39f6e85f2ee0e147591eb14e1fb46

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

Version

windows/download_exec

C2

http://redwelt.com:443/files/links.gif

Targets

- Target
  
  Employee Annual Report.exe
- Size
  
  287KB
- MD5
  
  e0aeb91c1768b663b70adfc418512cbc
- SHA1
  
  9c8de5c9ee4ccc7d8ca046b62f2fc55fdcae89f6
- SHA256
  
  6b9b5df993a38ebb2fa3eba4c26686b49aa57ec577902222225058a02284170e
- SHA512
  
  14c505cfe4b0a65454f196ee42e32d6f263056694ead5c8787aa3efe921d2885df58676196e9f4315869dc1283cf9be4dad39f6e85f2ee0e147591eb14e1fb46
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan