cobaltstrike | a0d8a2af045f1d19f26ac6804895bda701d6b86ec5f3ad27978437547d40da29 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a0d8a2af045f1d19f26ac6804895bda701d6b86ec5f3ad27978437547d40da29_JC.exe
Size

17KB
Sample

230826-shcdqadc3t
MD5

2bbe72df499889632d0eb4fe58768f2b
SHA1

cb0a0dd3b5644a98d3f3ae249c5c02dccc5c2548
SHA256

a0d8a2af045f1d19f26ac6804895bda701d6b86ec5f3ad27978437547d40da29
SHA512

0147b246f0b48eb5f22aa14aeaeff08b8e14391308089026809bdc2532a96336b045eca5147a57147363f49f082fe9d313403fb4216912080e99222ee08bfccd
SSDEEP

192:kDMAe4Ckj19RZZ6wpSfu1bKcq5uHj7khBDSeKNH45i/qntBUbOj6kxiY:kDMAoKz6WtKEj7aBDi0i/qntbAY

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://81.69.249.203:10087/6Kwe

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0)

Targets

- Target
  
  a0d8a2af045f1d19f26ac6804895bda701d6b86ec5f3ad27978437547d40da29_JC.exe
- Size
  
  17KB
- MD5
  
  2bbe72df499889632d0eb4fe58768f2b
- SHA1
  
  cb0a0dd3b5644a98d3f3ae249c5c02dccc5c2548
- SHA256
  
  a0d8a2af045f1d19f26ac6804895bda701d6b86ec5f3ad27978437547d40da29
- SHA512
  
  0147b246f0b48eb5f22aa14aeaeff08b8e14391308089026809bdc2532a96336b045eca5147a57147363f49f082fe9d313403fb4216912080e99222ee08bfccd
- SSDEEP
  
  192:kDMAe4Ckj19RZZ6wpSfu1bKcq5uHj7khBDSeKNH45i/qntBUbOj6kxiY:kDMAoKz6WtKEj7aBDi0i/qntbAY
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan