cobaltstrike | 965122238c430da96eafb25fb39d63e11f6ed2c1889cc6875f56fb2ce34de6c5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

965122238c430da96eafb25fb39d63e11f6ed2c1889cc6875f56fb2ce34de6c5
Size

1.9MB
Sample

240113-mtn9rsggcj
MD5

5d411f6dc3405d37f2c7681a7e16fbc6
SHA1

833ca92c192313022b2c09ba90f7dff9842e9510
SHA256

965122238c430da96eafb25fb39d63e11f6ed2c1889cc6875f56fb2ce34de6c5
SHA512

9f729521c51bd17e567d40b7039d1d291a7299583c4f26dafa73d9905d36ad119622b8f1fbbe5797cb36515563459ae3017312e063b5e7520c2369c41285f104
SSDEEP

49152:ax63m8rb/TBvO90dL3BmAFd4A64nsfJKYZcLgOaBaeghgSkMb1:53hYF6hg

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://10.211.55.8:8080/__version_check

Attributes

user_agent
User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/1.40

Targets

- Target
  
  965122238c430da96eafb25fb39d63e11f6ed2c1889cc6875f56fb2ce34de6c5
- Size
  
  1.9MB
- MD5
  
  5d411f6dc3405d37f2c7681a7e16fbc6
- SHA1
  
  833ca92c192313022b2c09ba90f7dff9842e9510
- SHA256
  
  965122238c430da96eafb25fb39d63e11f6ed2c1889cc6875f56fb2ce34de6c5
- SHA512
  
  9f729521c51bd17e567d40b7039d1d291a7299583c4f26dafa73d9905d36ad119622b8f1fbbe5797cb36515563459ae3017312e063b5e7520c2369c41285f104
- SSDEEP
  
  49152:ax63m8rb/TBvO90dL3BmAFd4A64nsfJKYZcLgOaBaeghgSkMb1:53hYF6hg
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2