cobaltstrike | d6a8f5cf11e992ce94895e59cfa08a4b7d36d2552587c9db6c7f3b1a338e7d08 | Triage

Submit
Reports

Overview

overview

Static

static

file.ps1

windows10-1703-x64

Sharing

General

Target

file.ps1
Size

3KB
Sample

220911-csh19aahd7
MD5

c4a04ce2d5a109cc76e7ffe5e2d4b124
SHA1

0466028fbec471f4f11d5995ccb17aff6cb6305f
SHA256

d6a8f5cf11e992ce94895e59cfa08a4b7d36d2552587c9db6c7f3b1a338e7d08
SHA512

4bd2f68f8b7aa022216d37856829cfd996aab0ae3755ae0da8d0308f5e76dbb45a1f8011bc70ce99b23d913dc9223dbb6bb5f552d5c92d2bbccf7c9bae9e647c

Score

10^/10

cobaltstrike metasploit backdoor trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

file.ps1

Resource

win10-20220812-en

cobaltstrike backdoor trojan

windows10-1703-x64

5 signatures

1800 seconds

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://sprinthunter.com:443/NiVO

Targets

- Target
  
  file.ps1
- Size
  
  3KB
- MD5
  
  c4a04ce2d5a109cc76e7ffe5e2d4b124
- SHA1
  
  0466028fbec471f4f11d5995ccb17aff6cb6305f
- SHA256
  
  d6a8f5cf11e992ce94895e59cfa08a4b7d36d2552587c9db6c7f3b1a338e7d08
- SHA512
  
  4bd2f68f8b7aa022216d37856829cfd996aab0ae3755ae0da8d0308f5e76dbb45a1f8011bc70ce99b23d913dc9223dbb6bb5f552d5c92d2bbccf7c9bae9e647c
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
- Blocklisted process makes network request
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

© 2018-2024

Terms | Privacy