cobaltstrike | 33ddd1d6b4a74da91e97c0174406b4f09b828365dfa29785273c4b06ebcd26c8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

33ddd1d6b4a74da91e97c0174406b4f09b828365dfa29785273c4b06ebcd26c8
Size

1.3MB
Sample

231211-zq472aaeg7
MD5

4b065f19e8759bae1953802946648909
SHA1

919f1160b0784dec1ae9d624e3f6e46d50698d9a
SHA256

33ddd1d6b4a74da91e97c0174406b4f09b828365dfa29785273c4b06ebcd26c8
SHA512

b12dcda179202567da486119dca08a7d856610a2bbba58ec4ae8e208a05ac8812e2886dbb55e9a4e916a3240a5eee9d7994e172b8a2809ca823d0f2c68c49494
SSDEEP

24576:3Igm87ypUwuKbn1+NZIQoj1aPRMgia2T90iVWjkKybTs5i:zmVpUwuBfNL2T+TIhTs

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://www.emohack.xyz:8443/components/oaSDOSAHD.gif

Attributes

user_agent
Host: www.emohack.xyz Connection: close Accept-Encoding: gzip, br User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)

Targets

- Target
  
  33ddd1d6b4a74da91e97c0174406b4f09b828365dfa29785273c4b06ebcd26c8
- Size
  
  1.3MB
- MD5
  
  4b065f19e8759bae1953802946648909
- SHA1
  
  919f1160b0784dec1ae9d624e3f6e46d50698d9a
- SHA256
  
  33ddd1d6b4a74da91e97c0174406b4f09b828365dfa29785273c4b06ebcd26c8
- SHA512
  
  b12dcda179202567da486119dca08a7d856610a2bbba58ec4ae8e208a05ac8812e2886dbb55e9a4e916a3240a5eee9d7994e172b8a2809ca823d0f2c68c49494
- SSDEEP
  
  24576:3Igm87ypUwuKbn1+NZIQoj1aPRMgia2T90iVWjkKybTs5i:zmVpUwuBfNL2T+TIhTs
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan