cobaltstrike | acb88ed42ad64a6d48870cd466c66e52d0c27d14e3735ac0cb2092ffba6e382a | Triage

Sharing

General

Target

2ca332d56d0e032be324b6ed2c014f4edf9cfa328bc5ac61e5434c9ddf7c17b6.7z
Size

461KB
Sample

220118-1vmdfsdfal
MD5

1b40fe5bb2be528ffedbc32ae306e443
SHA1

ab467582e40caf1ddbb0cd0547d61bebb4b4fe51
SHA256

acb88ed42ad64a6d48870cd466c66e52d0c27d14e3735ac0cb2092ffba6e382a
SHA512

03c82966f088d174bc947514466ff42d629b6597367d0301ff3c990601fe85cd3e4e8f6f432da51c167f2d4412915b38db9b274e7f88d51e7ecd768e3499555b

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://c2cgy.flashi.com.cn:443/DYJv

Attributes

user_agent
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 Firefox/24.0

Targets

- Target
  
  2ca332d56d0e032be324b6ed2c014f4edf9cfa328bc5ac61e5434c9ddf7c17b6
- Size
  
  1.5MB
- MD5
  
  97dbc32566bd2945ac2d7decb41592ba
- SHA1
  
  190aa524759a498a3716b1b5350392bdd789cc95
- SHA256
  
  2ca332d56d0e032be324b6ed2c014f4edf9cfa328bc5ac61e5434c9ddf7c17b6
- SHA512
  
  6dc720d2a001639053e42cc72beb772a15445006b30416be7514b8b44484ad99b0cce918b82e9b38dab9d625912b128258b6c31c12fe473669415e6c3b006395
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan