cobaltstrike | d2be4d87699baadf8367a8ee9a35c63b8e9b93ce924dc96bb8dccb164800b9e6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d2be4d87699baadf8367a8ee9a35c63b8e9b93ce924dc96bb8dccb164800b9e6
Size

19KB
Sample

231013-dggjqade54
MD5

6fc357ec194e1d0f58e807b02b99eb4e
SHA1

b5877b85e50762fe725840ad5c7519ccfbbcec18
SHA256

d2be4d87699baadf8367a8ee9a35c63b8e9b93ce924dc96bb8dccb164800b9e6
SHA512

7d0ecd1ea35321d9760cf090fafb07197cca78ba3166198184c6c834c8fb1e6cd12876e5d698f34ac673e88522e04a11394faba23d60340153918d9545c2633c
SSDEEP

192:2V7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2GFBT4aFFWF8qa1Dojjgi:QqaCF31cix+Dc4zjxtaFF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://172.16.1.179:8080/fIcK

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0; BO1IE8_v1;ENUS)

Targets

- Target
  
  d2be4d87699baadf8367a8ee9a35c63b8e9b93ce924dc96bb8dccb164800b9e6
- Size
  
  19KB
- MD5
  
  6fc357ec194e1d0f58e807b02b99eb4e
- SHA1
  
  b5877b85e50762fe725840ad5c7519ccfbbcec18
- SHA256
  
  d2be4d87699baadf8367a8ee9a35c63b8e9b93ce924dc96bb8dccb164800b9e6
- SHA512
  
  7d0ecd1ea35321d9760cf090fafb07197cca78ba3166198184c6c834c8fb1e6cd12876e5d698f34ac673e88522e04a11394faba23d60340153918d9545c2633c
- SSDEEP
  
  192:2V7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2GFBT4aFFWF8qa1Dojjgi:QqaCF31cix+Dc4zjxtaFF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan