cobaltstrike | a3f087f5d974630a5af02c817a6544a6d142f7955e60086a6f3b53e9ca99de7c | Triage

Resubmissions

15-03-2022 16:56

220315-vfwexsdff3 10

28-04-2021 12:06

210428-jlqb6yrq2n 10

Sharing

General

Target

a3f087f5d974630a5af02c817a6544a6d142f7955e60086a6f3b53e9ca99de7c
Size

19KB
Sample

220315-vfwexsdff3
MD5

c6331ff09d46716462299f1826779005
SHA1

7102086dec47a9c4b099fabb4d8baee2b283b638
SHA256

a3f087f5d974630a5af02c817a6544a6d142f7955e60086a6f3b53e9ca99de7c
SHA512

f39f7d81f958a48a45bedb2e0e146343c5000339ee1339c450c575a690df4c797f477ff0d1ec9408c960c4f8975f854ba629c500a04a29874cd15672e4e3fc24

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.119.128:80/SePU

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; MANM)

Targets

- Target
  
  a3f087f5d974630a5af02c817a6544a6d142f7955e60086a6f3b53e9ca99de7c
- Size
  
  19KB
- MD5
  
  c6331ff09d46716462299f1826779005
- SHA1
  
  7102086dec47a9c4b099fabb4d8baee2b283b638
- SHA256
  
  a3f087f5d974630a5af02c817a6544a6d142f7955e60086a6f3b53e9ca99de7c
- SHA512
  
  f39f7d81f958a48a45bedb2e0e146343c5000339ee1339c450c575a690df4c797f477ff0d1ec9408c960c4f8975f854ba629c500a04a29874cd15672e4e3fc24
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan