cobaltstrike | 737debd9b8fe8282f0352887169679a2444735089c1d750a5a182f6d05722aea | Triage

Sharing

Copy URL Twitter E-mail

General

Target

737debd9b8fe8282f0352887169679a2444735089c1d750a5a182f6d05722aea
Size

469KB
Sample

231120-ahdyfach74
MD5

fe76135cbc97d3735081a3e21574b112
SHA1

12c3ae0f3ea9cc935274e99fd05962203a749d0d
SHA256

737debd9b8fe8282f0352887169679a2444735089c1d750a5a182f6d05722aea
SHA512

718ee77cffa343ae34fa62a41549cf2c690aab9b2c16c2cbad20be00448f4b472929857c1132b02693ed9f758b428b77e8a90e3bf12f00b4a49fadd39227871b
SSDEEP

6144:mjwrMJqBrWhCSN21DZuBCPhKQbCZvZBS2Au5raT4yPJA8IBoyYFMJDLpGcRMxY/Y:mjXsRD0C5kvybOraT4yPJWsF+VGriw

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://117.50.178.197:27843/Rpc

Attributes

user_agent
Accept: */* User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko)

Targets

- Target
  
  737debd9b8fe8282f0352887169679a2444735089c1d750a5a182f6d05722aea
- Size
  
  469KB
- MD5
  
  fe76135cbc97d3735081a3e21574b112
- SHA1
  
  12c3ae0f3ea9cc935274e99fd05962203a749d0d
- SHA256
  
  737debd9b8fe8282f0352887169679a2444735089c1d750a5a182f6d05722aea
- SHA512
  
  718ee77cffa343ae34fa62a41549cf2c690aab9b2c16c2cbad20be00448f4b472929857c1132b02693ed9f758b428b77e8a90e3bf12f00b4a49fadd39227871b
- SSDEEP
  
  6144:mjwrMJqBrWhCSN21DZuBCPhKQbCZvZBS2Au5raT4yPJA8IBoyYFMJDLpGcRMxY/Y:mjXsRD0C5kvybOraT4yPJWsF+VGriw
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

cobaltstrikebackdoortrojan