cobaltstrike | fd993b610c27059591b33f361762b8d611e52009fc94ffa4c38c43cb425805c2 | Triage

Sharing

General

Target

ma.exe
Size

21KB
Sample

230405-m4dwsafc5s
MD5

18bf290e36b7d663e39a57443deeb242
SHA1

71916c159addbe212cbefcaabd9b486b2a9e4e36
SHA256

fd993b610c27059591b33f361762b8d611e52009fc94ffa4c38c43cb425805c2
SHA512

da3b33c3ad67f234e61a47a1a3b03916c247e9aa79856651a934cd91b9a203ee22fa653c7972434bdc08930beb0b7274e14e4827022cc493f16bed708b68f721
SSDEEP

192:8Za77eZ5IjNDMjj6FBLdj8lBA3qvn+kSbkNXAYFnibV41F/uoWoU1DMjgh8mWCsz:H7SXSNDy6FBZmMbSibVKuoWoKFhRWCW

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://64.112.43.99:8081/Cw6m

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)

Targets

- Target
  
  ma.exe
- Size
  
  21KB
- MD5
  
  18bf290e36b7d663e39a57443deeb242
- SHA1
  
  71916c159addbe212cbefcaabd9b486b2a9e4e36
- SHA256
  
  fd993b610c27059591b33f361762b8d611e52009fc94ffa4c38c43cb425805c2
- SHA512
  
  da3b33c3ad67f234e61a47a1a3b03916c247e9aa79856651a934cd91b9a203ee22fa653c7972434bdc08930beb0b7274e14e4827022cc493f16bed708b68f721
- SSDEEP
  
  192:8Za77eZ5IjNDMjj6FBLdj8lBA3qvn+kSbkNXAYFnibV41F/uoWoU1DMjgh8mWCsz:H7SXSNDy6FBZmMbSibVKuoWoKFhRWCW
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan