cobaltstrike | dce78a28758e168e4127c65b2e478b44f03b3297f8702b7eca210b1c2b8d59d4 | Triage

Sharing

General

Target

dce78a28758e168e4127c65b2e478b44f03b3297f8702b7eca210b1c2b8d59d4
Size

63KB
Sample

231101-keeexafh62
MD5

c2c3840201f229fd92e03ebb8885ab39
SHA1

12e6f3693636de69127874fab076b3bccc131c01
SHA256

dce78a28758e168e4127c65b2e478b44f03b3297f8702b7eca210b1c2b8d59d4
SHA512

cb2e36d1455101c810a151e2bee37f3882afb4dd4a2a23da165cd71e2f449689b42990a71207091c3e5b602b40c999d1a8a496dd73858000e503108faef0679a
SSDEEP

384:pVaQIM9Bm5FveT70SyyMB8haTfUIXdLxdDUWeHDEgnCkbnJGQfB5zuKjCIt+Gf/H:uQev7yMzvXV1gDEenJfB7kGf/A89v

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://103.207.166.75:1397/HVYf

Attributes

user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0)

Targets

- Target
  
  dce78a28758e168e4127c65b2e478b44f03b3297f8702b7eca210b1c2b8d59d4
- Size
  
  63KB
- MD5
  
  c2c3840201f229fd92e03ebb8885ab39
- SHA1
  
  12e6f3693636de69127874fab076b3bccc131c01
- SHA256
  
  dce78a28758e168e4127c65b2e478b44f03b3297f8702b7eca210b1c2b8d59d4
- SHA512
  
  cb2e36d1455101c810a151e2bee37f3882afb4dd4a2a23da165cd71e2f449689b42990a71207091c3e5b602b40c999d1a8a496dd73858000e503108faef0679a
- SSDEEP
  
  384:pVaQIM9Bm5FveT70SyyMB8haTfUIXdLxdDUWeHDEgnCkbnJGQfB5zuKjCIt+Gf/H:uQev7yMzvXV1gDEenJfB7kGf/A89v
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan