cobaltstrike | e1ce4cd94ea0bcc6f0b4724a34a396072b6eb016cf6577dcbd6f696c481e3dd7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1eeb21f5bc76671767fdfe7202356af0.bin
Size

8KB
Sample

231114-bqvrlafg6z
MD5

5fe757d864a6daa4896f536d1a145826
SHA1

cccbac4463a8e62c580a0753e6131998eba23d00
SHA256

e1ce4cd94ea0bcc6f0b4724a34a396072b6eb016cf6577dcbd6f696c481e3dd7
SHA512

8ff8f01c8313c8eee38bdc5a7b54d333a0ad4cc27ba81800e7ae76b9e15a6d06281560d0051e94b3fa62d22987927e2ac62b5c9d5fee887682c4e32c658826cf
SSDEEP

192:KIS2r/+BxJQ8wV0D80IEk71KPij188oSgkZKWm37MTQCdyVKD:KIvr/+BxCF0D8LL7EPC/Ykw3gJd9D

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://194.156.98.178:3737/P9qc

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; qdesk 2.4.1263.203; Windows NT 6.1; WOW64; Trident/5.0)

Targets

- Target
  
  afb7e8b63558574f48a385216b42264509a6fccec2e2c005cb8c0b06e44d5fc7.exe
- Size
  
  19KB
- MD5
  
  1eeb21f5bc76671767fdfe7202356af0
- SHA1
  
  60b8b46ac35435b82c4cb289251c2faa3005c964
- SHA256
  
  afb7e8b63558574f48a385216b42264509a6fccec2e2c005cb8c0b06e44d5fc7
- SHA512
  
  4e3f1406f270912e906a6f8d7041b35e06490615b20f4a0722b37f0415a2317fcc47fa05dee3080a18907c4a48ee2e6e7627724ea285d6d1665342ad9d6f5dc3
- SSDEEP
  
  192:RV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2rSDHC0hWF8qa1Dojjgi:jqaCF31cix+Dc4zjsS0FF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan