cobaltstrike | 0cb3619fb6f056b210d84c80b4efd60d15fd8e14823ec8ece4fc5cae30e304f1 | Triage

Sharing

General

Target

tmp
Size

1.3MB
Sample

240213-vzyz6aeh87
MD5

24b45b8204627c219a55afce4e1a5aab
SHA1

2b620edc9995f87c327ca81bb2004aa57343a6e0
SHA256

0cb3619fb6f056b210d84c80b4efd60d15fd8e14823ec8ece4fc5cae30e304f1
SHA512

48aa54aaa910e4038a143e65662b2190064bf74c1980fb2881ef414980f4ca1be2450b0aa0a3ea5919415fdbc7008b06bf9dbe8da120332bb2685dbc55c5a642
SSDEEP

24576:Y+CtHqlM+f7XM+B15tqnSnB35PTDpawi5CFfnUpnP:WiM+bXV3swKuUpnP

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://91.92.242.62:8088/zEPN

Attributes

user_agent
User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/1.40

Targets

- Target
  
  tmp
- Size
  
  1.3MB
- MD5
  
  24b45b8204627c219a55afce4e1a5aab
- SHA1
  
  2b620edc9995f87c327ca81bb2004aa57343a6e0
- SHA256
  
  0cb3619fb6f056b210d84c80b4efd60d15fd8e14823ec8ece4fc5cae30e304f1
- SHA512
  
  48aa54aaa910e4038a143e65662b2190064bf74c1980fb2881ef414980f4ca1be2450b0aa0a3ea5919415fdbc7008b06bf9dbe8da120332bb2685dbc55c5a642
- SSDEEP
  
  24576:Y+CtHqlM+f7XM+B15tqnSnB35PTDpawi5CFfnUpnP:WiM+bXV3swKuUpnP
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

cobaltstrikebackdoortrojan