cobaltstrike | a66548ee504c17ada0f5306f5f794464f8a6f885c7d45e1fbaad00c19488577b | Triage

Sharing

General

Target

a66548ee504c17ada0f5306f5f794464f8a6f885c7d45e1fbaad00c19488577b
Size

7.8MB
Sample

230930-f3bayaha3y
MD5

55bdcfd63b818a35afaa251d1119c6c1
SHA1

520596a7fc7a5db4f3eb84dfcc5a1e5873b21d7e
SHA256

a66548ee504c17ada0f5306f5f794464f8a6f885c7d45e1fbaad00c19488577b
SHA512

64823138dfcf5e1fbb62c916326876bb9feba1fd29665f7d24854f16b5a8016d7cd0c1a62b5b51a3d52b6a3f2ae046b6ffcd0d3524bfeca65f17a299050ecefd
SSDEEP

196608:JiAVhNdQmRJ8dA6lXCy1ArqkVpKCX+PrF4ZJaTeghRA7eFfckhZ:YAVrdQuslXrAZYCuPJOGeg3AqyKZ

Score

10^/10

cobaltstrike backdoor pyinstaller trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://47.120.1.235:1234/d7lV

Attributes

user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)

Targets

- Target
  
  a66548ee504c17ada0f5306f5f794464f8a6f885c7d45e1fbaad00c19488577b
- Size
  
  7.8MB
- MD5
  
  55bdcfd63b818a35afaa251d1119c6c1
- SHA1
  
  520596a7fc7a5db4f3eb84dfcc5a1e5873b21d7e
- SHA256
  
  a66548ee504c17ada0f5306f5f794464f8a6f885c7d45e1fbaad00c19488577b
- SHA512
  
  64823138dfcf5e1fbb62c916326876bb9feba1fd29665f7d24854f16b5a8016d7cd0c1a62b5b51a3d52b6a3f2ae046b6ffcd0d3524bfeca65f17a299050ecefd
- SSDEEP
  
  196608:JiAVhNdQmRJ8dA6lXCy1ArqkVpKCX+PrF4ZJaTeghRA7eFfckhZ:YAVrdQuslXrAZYCuPJOGeg3AqyKZ
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

cobaltstrikebackdoortrojan