cobaltstrike | d812838222fd0d9a617d15d458b450e054515591156928f5c31dfa0db220a01f | Triage

Sharing

General

Target

d812838222fd0d9a617d15d458b450e054515591156928f5c31dfa0db220a01f
Size

14KB
Sample

220105-r3lbpaagan
MD5

d858585aeb5cd81c1e343f0b6b8fc8a5
SHA1

2327d5d2462763289c7a2b45756dae13ef6e9dfa
SHA256

d812838222fd0d9a617d15d458b450e054515591156928f5c31dfa0db220a01f
SHA512

6106abc688812fce465a3a3ffefd751c03b884100b3143d3c48c2e2f73f1aa2f6d48c6dd274eb175782f63f96aab0e7dd70649334c668e18859bae7f4ba91d29

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://47.93.63.179:2224/5ipO

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; BOIE9;ENAU)

Targets

- Target
  
  d812838222fd0d9a617d15d458b450e054515591156928f5c31dfa0db220a01f
- Size
  
  14KB
- MD5
  
  d858585aeb5cd81c1e343f0b6b8fc8a5
- SHA1
  
  2327d5d2462763289c7a2b45756dae13ef6e9dfa
- SHA256
  
  d812838222fd0d9a617d15d458b450e054515591156928f5c31dfa0db220a01f
- SHA512
  
  6106abc688812fce465a3a3ffefd751c03b884100b3143d3c48c2e2f73f1aa2f6d48c6dd274eb175782f63f96aab0e7dd70649334c668e18859bae7f4ba91d29
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan