cobaltstrike | 087153ed5bb9bb9807e37a8fd745a16a634497a842896f232ab4cfb54197ba00 | Triage

Sharing

General

Target

1ddec479b1a7579fc52c734510473aa3
Size

137KB
Sample

231230-1w8m3sghfl
MD5

1ddec479b1a7579fc52c734510473aa3
SHA1

960b1b4292c2a73fbe3c04a1ff938ffd76981620
SHA256

087153ed5bb9bb9807e37a8fd745a16a634497a842896f232ab4cfb54197ba00
SHA512

02c67f543a9ec456679e5fa30f9a2ea453bed95393d96de5f409605626cf9d968b50ad27151fb925253029d20a43507020bc6adf20b2ae037471ea2fe46177de
SSDEEP

3072:wUJ9sXDS+LpeJ+zbCWS6FFswY0uYGpCM:ZsXDNBzbC76FFsjE

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://162.244.80.46:80/components/mt.ico

Attributes

user_agent
Host: loikdo.com Connection: close Accept-Encoding: br User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 12_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0

Targets

- Target
  
  1ddec479b1a7579fc52c734510473aa3
- Size
  
  137KB
- MD5
  
  1ddec479b1a7579fc52c734510473aa3
- SHA1
  
  960b1b4292c2a73fbe3c04a1ff938ffd76981620
- SHA256
  
  087153ed5bb9bb9807e37a8fd745a16a634497a842896f232ab4cfb54197ba00
- SHA512
  
  02c67f543a9ec456679e5fa30f9a2ea453bed95393d96de5f409605626cf9d968b50ad27151fb925253029d20a43507020bc6adf20b2ae037471ea2fe46177de
- SSDEEP
  
  3072:wUJ9sXDS+LpeJ+zbCWS6FFswY0uYGpCM:ZsXDNBzbC76FFsjE
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan