cobaltstrike | 994c300afefe614202adb3950ae10da11e2b047b7f6d839b02482ba054920748 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

994c300afefe614202adb3950ae10da11e2b047b7f6d839b02482ba054920748
Size

19KB
Sample

240220-e7fksabf52
MD5

5f14c8c69029e0c10c5f66d0a7283190
SHA1

8f37c0522a109b9792bd31f109d9b4005186f62d
SHA256

994c300afefe614202adb3950ae10da11e2b047b7f6d839b02482ba054920748
SHA512

c72a68a477fa6584733d6e91e36200e4afd85c0d482681bb6ee1c7284d14ed1a2585e3796529ad663a078a2c88f9084eb88d416f14fadd10aa8c471e0b5d6fb1
SSDEEP

192:pV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/299AcaY5EuWF8qa1Dojjgi:LqaCF31cix+Dc4zje6FF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://47.97.3.82:5542/EvSO

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; UHS)

Targets

- Target
  
  994c300afefe614202adb3950ae10da11e2b047b7f6d839b02482ba054920748
- Size
  
  19KB
- MD5
  
  5f14c8c69029e0c10c5f66d0a7283190
- SHA1
  
  8f37c0522a109b9792bd31f109d9b4005186f62d
- SHA256
  
  994c300afefe614202adb3950ae10da11e2b047b7f6d839b02482ba054920748
- SHA512
  
  c72a68a477fa6584733d6e91e36200e4afd85c0d482681bb6ee1c7284d14ed1a2585e3796529ad663a078a2c88f9084eb88d416f14fadd10aa8c471e0b5d6fb1
- SSDEEP
  
  192:pV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/299AcaY5EuWF8qa1Dojjgi:LqaCF31cix+Dc4zje6FF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan