cobaltstrike | 4593628a657d18d87837397bc16145deabdb3e8d30edf0abfbcbd938980da7f9 | Triage

Sharing

General

Target

4593628a657d18d87837397bc16145deabdb3e8d30edf0abfbcbd938980da7f9
Size

112KB
Sample

230410-tp31pagc21
MD5

e9ebb326d59f6612436e19c8e0af7c30
SHA1

7045a739ef316befa069205ba8f0ef82efe794d1
SHA256

4593628a657d18d87837397bc16145deabdb3e8d30edf0abfbcbd938980da7f9
SHA512

612519064c76cce624d73e01ee4eeae4cac72a813fb75fe96e794e8ce8d6960a4c55cc11ad68d88b6ae28fcf335f1e84d8922408df65e9f1c7dcba3dcad11dd6
SSDEEP

3072:6B/ChovnD7XkD96A82B0kQg/VusyoV6z14JzVCM6Pfj:6B/SovnDwD1Kg4oUCVyPfj

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://vuhufovuv.com:443/components/as.ico

Attributes

user_agent
Host: google.co.jp Connection: close Accept-Language: en-GB;q=0.9, *;q=0.7 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

Targets

- Target
  
  4593628a657d18d87837397bc16145deabdb3e8d30edf0abfbcbd938980da7f9
- Size
  
  112KB
- MD5
  
  e9ebb326d59f6612436e19c8e0af7c30
- SHA1
  
  7045a739ef316befa069205ba8f0ef82efe794d1
- SHA256
  
  4593628a657d18d87837397bc16145deabdb3e8d30edf0abfbcbd938980da7f9
- SHA512
  
  612519064c76cce624d73e01ee4eeae4cac72a813fb75fe96e794e8ce8d6960a4c55cc11ad68d88b6ae28fcf335f1e84d8922408df65e9f1c7dcba3dcad11dd6
- SSDEEP
  
  3072:6B/ChovnD7XkD96A82B0kQg/VusyoV6z14JzVCM6Pfj:6B/SovnDwD1Kg4oUCVyPfj
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan