cobaltstrike | d29f509d835a309cdae3a983439949090d4f352dbe7ecd3c88f6b564dd3a06df | Triage

Sharing

General

Target

d29f509d835a309cdae3a983439949090d4f352dbe7ecd3c88f6b564dd3a06df
Size

20KB
Sample

231102-khb4yshf3s
MD5

639f800cb121776c3f2145020197b8be
SHA1

ed120919cf86d6f9162bec63a14e962c9a762fa7
SHA256

d29f509d835a309cdae3a983439949090d4f352dbe7ecd3c88f6b564dd3a06df
SHA512

83cc99a7bd18d7a640c7ef7962f1f0e8ce9c60cf2fcaebab2d9891b9c76839257f6eaf486d57123728bd0d194bfb7927e3ffc1a3dd6c0184bd97b6262c621b4e
SSDEEP

384:+a+tlYQU/PYqiZx/cpFptMt5tE+TLRhvaEXHsXyXYjQT4lWSU3U:+lF/cpFptMt5tLn0yXTGWSU3

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.0.130:443/mj8N

Attributes

user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)

Targets

- Target
  
  d29f509d835a309cdae3a983439949090d4f352dbe7ecd3c88f6b564dd3a06df
- Size
  
  20KB
- MD5
  
  639f800cb121776c3f2145020197b8be
- SHA1
  
  ed120919cf86d6f9162bec63a14e962c9a762fa7
- SHA256
  
  d29f509d835a309cdae3a983439949090d4f352dbe7ecd3c88f6b564dd3a06df
- SHA512
  
  83cc99a7bd18d7a640c7ef7962f1f0e8ce9c60cf2fcaebab2d9891b9c76839257f6eaf486d57123728bd0d194bfb7927e3ffc1a3dd6c0184bd97b6262c621b4e
- SSDEEP
  
  384:+a+tlYQU/PYqiZx/cpFptMt5tE+TLRhvaEXHsXyXYjQT4lWSU3U:+lF/cpFptMt5tLn0yXTGWSU3
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan