cobaltstrike | e798fba57d6cda04297e94e8d4f73f08b980d8ef526fc611e31592e2c8812c25 | Triage

Sharing

General

Target

e798fba57d6cda04297e94e8d4f73f08b980d8ef526fc611e31592e2c8812c25
Size

61KB
Sample

230901-ga63ksda57
MD5

cf49c149730212743734e1b883ae8559
SHA1

f5d0517b2ff70e9097be7a790d05b1f2c97c7e2b
SHA256

e798fba57d6cda04297e94e8d4f73f08b980d8ef526fc611e31592e2c8812c25
SHA512

44d855d1724ec7b4f011910c2e92e6b4ff040329b186c61014d41240c3bc2a73afd5fefd67304702dfb8b7d2615a85daa12fa2230aaa70f2e2162abd90f17151
SSDEEP

384:PmeYeToW3Zy7Fp/Z5IMuOXdTIvuH9mAjD33AiKleAMQfBXUUVdP89ZO:PLAMyHMMNpjj3Ai2eAFBk8P89

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://43.153.222.28:4646/qPc9

Attributes

user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; InfoPath.1)

Targets

- Target
  
  e798fba57d6cda04297e94e8d4f73f08b980d8ef526fc611e31592e2c8812c25
- Size
  
  61KB
- MD5
  
  cf49c149730212743734e1b883ae8559
- SHA1
  
  f5d0517b2ff70e9097be7a790d05b1f2c97c7e2b
- SHA256
  
  e798fba57d6cda04297e94e8d4f73f08b980d8ef526fc611e31592e2c8812c25
- SHA512
  
  44d855d1724ec7b4f011910c2e92e6b4ff040329b186c61014d41240c3bc2a73afd5fefd67304702dfb8b7d2615a85daa12fa2230aaa70f2e2162abd90f17151
- SSDEEP
  
  384:PmeYeToW3Zy7Fp/Z5IMuOXdTIvuH9mAjD33AiKleAMQfBXUUVdP89ZO:PLAMyHMMNpjj3Ai2eAFBk8P89
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan