cobaltstrike | 69b58bd2fce068716ec67dd37adce58c585a24f7a905877ab247a95e6b36b47a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

69b58bd2fce068716ec67dd37adce58c585a24f7a905877ab247a95e6b36b47a
Size

19KB
Sample

240101-2jkadsbgcr
MD5

983c53b661f35ba64028561ef7d8537b
SHA1

1c4c6c1a1f6c76c42dbbc98ff7a3985884ad0804
SHA256

69b58bd2fce068716ec67dd37adce58c585a24f7a905877ab247a95e6b36b47a
SHA512

c63e39216d4deafb018d633155265b9d39d0f024d40a1b8463fb32b7fb3a92eb51bcc98621e9d77ee58f4008e1a3ef47aff9be43e15a19b2b29070ce7cf1459c
SSDEEP

192:VV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2ZpcQEvbWF8qa1Dojjgi:3qaCF31cix+Dc4zjeeTiFF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://121.5.69.117:6636/3Isn

Attributes

user_agent
User-Agent: Mozilla/5.0 (Windows NT 9.2; Win64; x64; rv:43.43.2) Gecko/20100101 Firefox/43.43.2

Targets

- Target
  
  69b58bd2fce068716ec67dd37adce58c585a24f7a905877ab247a95e6b36b47a
- Size
  
  19KB
- MD5
  
  983c53b661f35ba64028561ef7d8537b
- SHA1
  
  1c4c6c1a1f6c76c42dbbc98ff7a3985884ad0804
- SHA256
  
  69b58bd2fce068716ec67dd37adce58c585a24f7a905877ab247a95e6b36b47a
- SHA512
  
  c63e39216d4deafb018d633155265b9d39d0f024d40a1b8463fb32b7fb3a92eb51bcc98621e9d77ee58f4008e1a3ef47aff9be43e15a19b2b29070ce7cf1459c
- SSDEEP
  
  192:VV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2ZpcQEvbWF8qa1Dojjgi:3qaCF31cix+Dc4zjeeTiFF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

cobaltstrikebackdoortrojan