cobaltstrike | b19db74849162452e34d1380dcbd1dfa2c587497641aae827edc7285bd6a0c81 | Triage

Sharing

General

Target

payload.exe
Size

17KB
Sample

240212-ex14qsha7s
MD5

0559600489a9c39a1a4ee5f28a982fc8
SHA1

951cffbba024d580527d862cf374c5626712cedf
SHA256

b19db74849162452e34d1380dcbd1dfa2c587497641aae827edc7285bd6a0c81
SHA512

2d9495adf0a0f15642318c18f97b74c41b11ed24b2a6b31356f7ddd100e8d0e0a09e959c27744efad5aa9f58ade8583a84e0a56d9e3bcdbfa3b539fafbb4ebe5
SSDEEP

192:aeA0TJAPyjLHY219R8C6wtQbYu2KmbxQ2C04kvWgepEt2EJKtMu3j6EUbOD6kxiY:7A0TJASPp6p/D43FvWgepAJ+r6IAY

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.1.6:8080/UAoX

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; Trident/6.0)

Targets

- Target
  
  payload.exe
- Size
  
  17KB
- MD5
  
  0559600489a9c39a1a4ee5f28a982fc8
- SHA1
  
  951cffbba024d580527d862cf374c5626712cedf
- SHA256
  
  b19db74849162452e34d1380dcbd1dfa2c587497641aae827edc7285bd6a0c81
- SHA512
  
  2d9495adf0a0f15642318c18f97b74c41b11ed24b2a6b31356f7ddd100e8d0e0a09e959c27744efad5aa9f58ade8583a84e0a56d9e3bcdbfa3b539fafbb4ebe5
- SSDEEP
  
  192:aeA0TJAPyjLHY219R8C6wtQbYu2KmbxQ2C04kvWgepEt2EJKtMu3j6EUbOD6kxiY:7A0TJASPp6p/D43FvWgepAJ+r6IAY
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan