cobaltstrike | ee30601c6cd2d8dc6bfe7fabaf94049406efc1bbe5892aa3af5e3e2f385ea94a | Triage

Sharing

General

Target

ee30601c6cd2d8dc6bfe7fabaf94049406efc1bbe5892aa3af5e3e2f385ea94a
Size

19KB
Sample

231011-2w3mhaac6v
MD5

1b85954d53dcbb9df60f79d5c540728d
SHA1

07d1a9ef6aabf42c730729a99e3f910cb8526025
SHA256

ee30601c6cd2d8dc6bfe7fabaf94049406efc1bbe5892aa3af5e3e2f385ea94a
SHA512

448ef330cafc609a51ce1aca4464a52f3232320cbb26522db5420956e5403e7883d32af21ac20091f7782851a460d9449f85db76f3d39cfae0ed6c07b48f2769
SSDEEP

192:KV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2Z/iLWF8qa1Dojjgi:kqaCF31cix+Dc4zjSTFF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://58.87.96.158:666/cY7j

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)

Targets

- Target
  
  ee30601c6cd2d8dc6bfe7fabaf94049406efc1bbe5892aa3af5e3e2f385ea94a
- Size
  
  19KB
- MD5
  
  1b85954d53dcbb9df60f79d5c540728d
- SHA1
  
  07d1a9ef6aabf42c730729a99e3f910cb8526025
- SHA256
  
  ee30601c6cd2d8dc6bfe7fabaf94049406efc1bbe5892aa3af5e3e2f385ea94a
- SHA512
  
  448ef330cafc609a51ce1aca4464a52f3232320cbb26522db5420956e5403e7883d32af21ac20091f7782851a460d9449f85db76f3d39cfae0ed6c07b48f2769
- SSDEEP
  
  192:KV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2Z/iLWF8qa1Dojjgi:kqaCF31cix+Dc4zjSTFF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan