cobaltstrike | 43522c6bbce95eaf69c538b583dd7fb3ce38613f9839a379878eeb1a9f40439b | Triage

Sharing

General

Target

43522c6bbce95eaf69c538b583dd7fb3ce38613f9839a379878eeb1a9f40439b
Size

26KB
Sample

220704-em99nagfa5
MD5

2cbc817e44cdf6dffe4af9432ff71d9f
SHA1

8308214aa1c9a06ddd2223ba7ca8505fc6220703
SHA256

43522c6bbce95eaf69c538b583dd7fb3ce38613f9839a379878eeb1a9f40439b
SHA512

685d288348f901eada937cb2c1680b7bef241ad14bcf9da9f4f10fa2f9b073cf01fdd22879f91a861c305137eede7c0629ca153d883c5f73de0b2ff48b64ae11

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.127.128:4444/ADwa

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; UHS) Host: null

Targets

- Target
  
  43522c6bbce95eaf69c538b583dd7fb3ce38613f9839a379878eeb1a9f40439b
- Size
  
  26KB
- MD5
  
  2cbc817e44cdf6dffe4af9432ff71d9f
- SHA1
  
  8308214aa1c9a06ddd2223ba7ca8505fc6220703
- SHA256
  
  43522c6bbce95eaf69c538b583dd7fb3ce38613f9839a379878eeb1a9f40439b
- SHA512
  
  685d288348f901eada937cb2c1680b7bef241ad14bcf9da9f4f10fa2f9b073cf01fdd22879f91a861c305137eede7c0629ca153d883c5f73de0b2ff48b64ae11
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan