cobaltstrike | 72911afb5a1bc474f724fcc3f6b0e4d6802685c806051de536208ec43825d434 | Triage

Sharing

General

Target

72911afb5a1bc474f724fcc3f6b0e4d6802685c806051de536208ec43825d434
Size

75KB
Sample

230828-wpj9pagh8t
MD5

0c63cb821aef0677b05004e76e7ecb3a
SHA1

16b166c8c25b27befeb65edab348573780814b8c
SHA256

72911afb5a1bc474f724fcc3f6b0e4d6802685c806051de536208ec43825d434
SHA512

389e5a6e2adf177315ade3c2a64889bf55162544eb23d25775e008f1074c558f926fe5a2c930c0f2bbe5332c486521f98599c47d5cf0f9706f5514d77b0077d3
SSDEEP

768:9eTLQCgIr99EDy1xNAlnscAiDBd/RQGsrGYrGOao9:9evvZ99Eu6lnmiDBdiRrGYrGO

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://www.daociyiyou.tk:8443/api/2

Attributes

user_agent
Host: www.daociyiyou.tk User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.41 Safari/535.1 QQBrowser/6.9.11079.201

Targets

- Target
  
  72911afb5a1bc474f724fcc3f6b0e4d6802685c806051de536208ec43825d434
- Size
  
  75KB
- MD5
  
  0c63cb821aef0677b05004e76e7ecb3a
- SHA1
  
  16b166c8c25b27befeb65edab348573780814b8c
- SHA256
  
  72911afb5a1bc474f724fcc3f6b0e4d6802685c806051de536208ec43825d434
- SHA512
  
  389e5a6e2adf177315ade3c2a64889bf55162544eb23d25775e008f1074c558f926fe5a2c930c0f2bbe5332c486521f98599c47d5cf0f9706f5514d77b0077d3
- SSDEEP
  
  768:9eTLQCgIr99EDy1xNAlnscAiDBd/RQGsrGYrGOao9:9evvZ99Eu6lnmiDBdiRrGYrGO
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan