cobaltstrike | 732ec36d9cb4d9ed6230687564abdb77976c6dc3f4845113238c7e20d8cdccd0 | Triage

Sharing

General

Target

732ec36d9cb4d9ed6230687564abdb77976c6dc3f4845113238c7e20d8cdccd0
Size

41KB
Sample

230804-mr94fsae89
MD5

3df8deb053cf4b2585a7d6e0f58d4216
SHA1

3718d73cb11727463d11880eb21e2463446521ee
SHA256

732ec36d9cb4d9ed6230687564abdb77976c6dc3f4845113238c7e20d8cdccd0
SHA512

e8aa6730eedaafb63bf7ad477a685dc0e9b29ebdcbb8bf9066d8e697fd49eaf0ad77797d1caf944834c8ef94d9c1fadcf27cae6710494fab2727fdeda9761f39
SSDEEP

768:IVoYCxFEwrEB3sC+S805A3T6eJGmj5uZ:EoBF7f30wTDnq

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.85.129:80/vVGJ

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0; BOIE9;ENUS)

Targets

- Target
  
  732ec36d9cb4d9ed6230687564abdb77976c6dc3f4845113238c7e20d8cdccd0
- Size
  
  41KB
- MD5
  
  3df8deb053cf4b2585a7d6e0f58d4216
- SHA1
  
  3718d73cb11727463d11880eb21e2463446521ee
- SHA256
  
  732ec36d9cb4d9ed6230687564abdb77976c6dc3f4845113238c7e20d8cdccd0
- SHA512
  
  e8aa6730eedaafb63bf7ad477a685dc0e9b29ebdcbb8bf9066d8e697fd49eaf0ad77797d1caf944834c8ef94d9c1fadcf27cae6710494fab2727fdeda9761f39
- SSDEEP
  
  768:IVoYCxFEwrEB3sC+S805A3T6eJGmj5uZ:EoBF7f30wTDnq
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan