cobaltstrike | 78067fc2423d5733d0f8ac038a3b146c4179b1a3719ac1a4e57f3c40443e12f5 | Triage

Sharing

General

Target

78067fc2423d5733d0f8ac038a3b146c4179b1a3719ac1a4e57f3c40443e12f5
Size

40KB
Sample

230827-ls3v4aag4x
MD5

ad579719c2e18d9d6aa26667a6cec94e
SHA1

fb0c7d24c8df1625cd471edb0ce14b2442b137ee
SHA256

78067fc2423d5733d0f8ac038a3b146c4179b1a3719ac1a4e57f3c40443e12f5
SHA512

bff1d1ad1ece34d93f75181c822c1b370d9b4ea18fdaf0afb5512a4caf78a70a320fd0497752e67f57aa2c4bcb9d359cf6769fcf7d346cd220d7ad6da7944c63
SSDEEP

384:p038Da+IHtMTyF+GY5pOgahBzvuZhLXFySwPhgEv4CByD2Ckv:pbm+IayF+GY5pO/2ZSzhrByDZ2

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.137.3:80/bootstrap-2.min.js

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/5.0)

Targets

- Target
  
  78067fc2423d5733d0f8ac038a3b146c4179b1a3719ac1a4e57f3c40443e12f5
- Size
  
  40KB
- MD5
  
  ad579719c2e18d9d6aa26667a6cec94e
- SHA1
  
  fb0c7d24c8df1625cd471edb0ce14b2442b137ee
- SHA256
  
  78067fc2423d5733d0f8ac038a3b146c4179b1a3719ac1a4e57f3c40443e12f5
- SHA512
  
  bff1d1ad1ece34d93f75181c822c1b370d9b4ea18fdaf0afb5512a4caf78a70a320fd0497752e67f57aa2c4bcb9d359cf6769fcf7d346cd220d7ad6da7944c63
- SSDEEP
  
  384:p038Da+IHtMTyF+GY5pOgahBzvuZhLXFySwPhgEv4CByD2Ckv:pbm+IayF+GY5pO/2ZSzhrByDZ2
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan