cobaltstrike | 80e11a2e073d5b9167f256ea2131d606454196d6b776f03688153fed4b93b527 | Triage

Sharing

General

Target

80e11a2e073d5b9167f256ea2131d606454196d6b776f03688153fed4b93b527
Size

4.8MB
Sample

230313-h8391shb22
MD5

c255948ecb902d611243ccdeaca8d1c1
SHA1

c789f25130cc12f8440bc0ae6661ebed6e148f7e
SHA256

80e11a2e073d5b9167f256ea2131d606454196d6b776f03688153fed4b93b527
SHA512

b65e623be343c0d0f8eaa882a3a74d1ee99da8d150dda23871e77c53d12c9a1cf87801cbe2ee777957b734361a464bfe36268fc0125ca10702260ac29bd34281
SSDEEP

98304:FTUJLVxn6gC9eBOnV0Tp6v2GgM7PlNpwqP9VNaPw+UAM0jyIO3olinm:q/h6gtBOV0Tp6v2Gd7PKqPAYXKnQnm

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://38.54.101.225:1122/y94w

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; XBLWP7; ZuneWP7)

Targets

- Target
  
  80e11a2e073d5b9167f256ea2131d606454196d6b776f03688153fed4b93b527
- Size
  
  4.8MB
- MD5
  
  c255948ecb902d611243ccdeaca8d1c1
- SHA1
  
  c789f25130cc12f8440bc0ae6661ebed6e148f7e
- SHA256
  
  80e11a2e073d5b9167f256ea2131d606454196d6b776f03688153fed4b93b527
- SHA512
  
  b65e623be343c0d0f8eaa882a3a74d1ee99da8d150dda23871e77c53d12c9a1cf87801cbe2ee777957b734361a464bfe36268fc0125ca10702260ac29bd34281
- SSDEEP
  
  98304:FTUJLVxn6gC9eBOnV0Tp6v2GgM7PlNpwqP9VNaPw+UAM0jyIO3olinm:q/h6gtBOV0Tp6v2Gd7PKqPAYXKnQnm
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan