cobaltstrike | a7df8143a36638de40233b141919d767678b45bf5467e948a637eaafb2820550 | Triage

Sharing

General

Target

a7df8143a36638de40233b141919d767678b45bf5467e948a637eaafb2820550
Size

96KB
Sample

220121-3ca9ksdafr
MD5

dc758b9ecca41f7f66808258efbfc6cf
SHA1

be39c3022218ccb3abcfc6c906359b76571f4241
SHA256

a7df8143a36638de40233b141919d767678b45bf5467e948a637eaafb2820550
SHA512

7f2683d3c3cdcd1ecc9d4b1374a1c0ab180fa9c05677a33ce048bd5b89c8fb852c3c02bb21358cbda4d351e0f24898b062ddb7b8bcbbce1beb80a8952e36dbbf

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://45.76.75.219:8080/AU/Suggestions?pt=page.sero&bp=mail&mkt=en-us&qry=mail&cp=4&css=1

Attributes

user_agent
Host: www.bing.com Accept: */* Accept-Encoding: gzip, deflate, br Referer: http://www.bing.com/ Cookie: MUID=334CD6FEB6576DD320F6DA5CB2576EF1; SRCHD=AF=NOFORM; Postman-Token: 20a0925a-8eab-9d86-a580-88933b1c6331 User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0)

Targets

- Target
  
  a7df8143a36638de40233b141919d767678b45bf5467e948a637eaafb2820550
- Size
  
  96KB
- MD5
  
  dc758b9ecca41f7f66808258efbfc6cf
- SHA1
  
  be39c3022218ccb3abcfc6c906359b76571f4241
- SHA256
  
  a7df8143a36638de40233b141919d767678b45bf5467e948a637eaafb2820550
- SHA512
  
  7f2683d3c3cdcd1ecc9d4b1374a1c0ab180fa9c05677a33ce048bd5b89c8fb852c3c02bb21358cbda4d351e0f24898b062ddb7b8bcbbce1beb80a8952e36dbbf
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan