cobaltstrike | c5ff10641ac170cadda77f97395d963d3ee834b23b02891468bf017759ab17d6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1.exe
Size

17KB
Sample

231127-qfq3zsgg3z
MD5

1349669d0d5148e922d49821a4095f47
SHA1

3ea9111bc4d914238bd699b758ffb5e8da2a043c
SHA256

c5ff10641ac170cadda77f97395d963d3ee834b23b02891468bf017759ab17d6
SHA512

2891e009fd013fcf1f50b4b70a5d4dc77c81430cb67fb77f724003630850a296f7afbf90521a7a10984753aa80d1811305479ef3b1fb313bafc84b4f6f1e2823
SSDEEP

192:mDMAe4Ckj19RZZ6wpSfu1bKcq5uHj7khBDSeKNH4qEDBUbOj6kxiY:mDMAoKz6WtKEj7aBDix0bAY

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://101.37.167.126:8080/G9cz

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0; BOIE9;ENUS)

Targets

- Target
  
  1.exe
- Size
  
  17KB
- MD5
  
  1349669d0d5148e922d49821a4095f47
- SHA1
  
  3ea9111bc4d914238bd699b758ffb5e8da2a043c
- SHA256
  
  c5ff10641ac170cadda77f97395d963d3ee834b23b02891468bf017759ab17d6
- SHA512
  
  2891e009fd013fcf1f50b4b70a5d4dc77c81430cb67fb77f724003630850a296f7afbf90521a7a10984753aa80d1811305479ef3b1fb313bafc84b4f6f1e2823
- SSDEEP
  
  192:mDMAe4Ckj19RZZ6wpSfu1bKcq5uHj7khBDSeKNH4qEDBUbOj6kxiY:mDMAoKz6WtKEj7aBDix0bAY
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan