cobaltstrike | 5d00e07ddf58761ebdff33898be9f21db2ce3b5b6eb60ec1a6b9b2e5f9a456fc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5d00e07ddf58761ebdff33898be9f21db2ce3b5b6eb60ec1a6b9b2e5f9a456fc
Size

19KB
Sample

231224-kpdw5abedp
MD5

3adf2af3519e3fc1fd112203a2dffa0f
SHA1

f1a143b31c22e142b5c526bbdfa180ee9b4305a5
SHA256

5d00e07ddf58761ebdff33898be9f21db2ce3b5b6eb60ec1a6b9b2e5f9a456fc
SHA512

960e94baada07738792e260e5adb1227495271b4a668778d1ba883b649a2de155bccc522ab24ea936f48629da452452a6f31473cdf8ae85bda40e19761edac35
SSDEEP

192:LV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2tdhTWF8qa1Dojjgi:lqaCF31cix+Dc4zjDFF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://141.98.11.100:54198/FoTT

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; UHS)

Targets

- Target
  
  5d00e07ddf58761ebdff33898be9f21db2ce3b5b6eb60ec1a6b9b2e5f9a456fc
- Size
  
  19KB
- MD5
  
  3adf2af3519e3fc1fd112203a2dffa0f
- SHA1
  
  f1a143b31c22e142b5c526bbdfa180ee9b4305a5
- SHA256
  
  5d00e07ddf58761ebdff33898be9f21db2ce3b5b6eb60ec1a6b9b2e5f9a456fc
- SHA512
  
  960e94baada07738792e260e5adb1227495271b4a668778d1ba883b649a2de155bccc522ab24ea936f48629da452452a6f31473cdf8ae85bda40e19761edac35
- SSDEEP
  
  192:LV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2tdhTWF8qa1Dojjgi:lqaCF31cix+Dc4zjDFF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan