cobaltstrike | b447a7bb633f682058d4b9df5caabbe8c794f087b80bf598d6741a255e925078 | Triage

Sharing

General

Target

b447a7bb633f682058d4b9df5caabbe8c794f087b80bf598d6741a255e925078
Size

96KB
Sample

220121-29zsrsceh5
MD5

63584677683b5fbf4f69053a8de9ecbe
SHA1

3c523a969cc4c273ae27fef32630701516b08873
SHA256

b447a7bb633f682058d4b9df5caabbe8c794f087b80bf598d6741a255e925078
SHA512

d4eef1d604ad99f7174a9082cb8c34f544b15010a011085ad92ff358b0138733b189c5ca76f8382c4483256ec58d1369527186c24321233d7b5a0277947e8312

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://66.42.103.222:8082/XXYT

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; Win64; x64; Trident/6.0; ASU2JS)

Targets

- Target
  
  b447a7bb633f682058d4b9df5caabbe8c794f087b80bf598d6741a255e925078
- Size
  
  96KB
- MD5
  
  63584677683b5fbf4f69053a8de9ecbe
- SHA1
  
  3c523a969cc4c273ae27fef32630701516b08873
- SHA256
  
  b447a7bb633f682058d4b9df5caabbe8c794f087b80bf598d6741a255e925078
- SHA512
  
  d4eef1d604ad99f7174a9082cb8c34f544b15010a011085ad92ff358b0138733b189c5ca76f8382c4483256ec58d1369527186c24321233d7b5a0277947e8312
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan