cobaltstrike | 9031ceb25adfc927dbd4d5046375d3601e1f0e36aa4dcbc73ba5ff79a53c2802 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9031ceb25adfc927dbd4d5046375d3601e1f0e36aa4dcbc73ba5ff79a53c2802
Size

74KB
Sample

231212-k7nt2sadhj
MD5

23675dc23ebd655eba81ad8b7b1400af
SHA1

efae5ddf8ad99599f2acfd23a47b7517dd03bb49
SHA256

9031ceb25adfc927dbd4d5046375d3601e1f0e36aa4dcbc73ba5ff79a53c2802
SHA512

bccfdaa17b92b94851c62d49a2ce0a410c2b87ff562d6948423a98b7fab3692db46afde744b4c915b5bc650e88a217ba94426e066c1e5b9411537ba9ab6a1a55
SSDEEP

1536:drvvuBa0j8jU8cyRZrdIgX0s+1Lc/wh8EPDbm3iVU:dibpqp/w5DI8U

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://123.56.194.52:80/Cp8r

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Win64; x64; Trident/5.0; MAAU; NP08)

Targets

- Target
  
  9031ceb25adfc927dbd4d5046375d3601e1f0e36aa4dcbc73ba5ff79a53c2802
- Size
  
  74KB
- MD5
  
  23675dc23ebd655eba81ad8b7b1400af
- SHA1
  
  efae5ddf8ad99599f2acfd23a47b7517dd03bb49
- SHA256
  
  9031ceb25adfc927dbd4d5046375d3601e1f0e36aa4dcbc73ba5ff79a53c2802
- SHA512
  
  bccfdaa17b92b94851c62d49a2ce0a410c2b87ff562d6948423a98b7fab3692db46afde744b4c915b5bc650e88a217ba94426e066c1e5b9411537ba9ab6a1a55
- SSDEEP
  
  1536:drvvuBa0j8jU8cyRZrdIgX0s+1Lc/wh8EPDbm3iVU:dibpqp/w5DI8U
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan