cobaltstrike | 960e1e7f437bed5d40b0334b0e1a7ed78102bcbd14f8b2a25e8ae67d0d93b5ff | Triage

Sharing

Copy URL Twitter E-mail

General

Target

960e1e7f437bed5d40b0334b0e1a7ed78102bcbd14f8b2a25e8ae67d0d93b5ff
Size

2.2MB
Sample

240306-hbg1hsed84
MD5

16c331d7472060d7b606109d7e6b2d86
SHA1

c99580d7963fc1981de10b7884478defa88cf1b6
SHA256

960e1e7f437bed5d40b0334b0e1a7ed78102bcbd14f8b2a25e8ae67d0d93b5ff
SHA512

ec0f66ea78a62a21261b4263dc4c2835a1cb25ede37a892b1c5fe0b931a308b355d180acabcabc510316f6a219eb2c68f368d44be789460c9d197b762806c430
SSDEEP

49152:uTyuGyYJckACdlwXWCRTOl9Oj8genrg+D1:iGMmbIw

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://39.100.116.157:80/Rua5

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; BOIE9;ENUS)

Targets

- Target
  
  960e1e7f437bed5d40b0334b0e1a7ed78102bcbd14f8b2a25e8ae67d0d93b5ff
- Size
  
  2.2MB
- MD5
  
  16c331d7472060d7b606109d7e6b2d86
- SHA1
  
  c99580d7963fc1981de10b7884478defa88cf1b6
- SHA256
  
  960e1e7f437bed5d40b0334b0e1a7ed78102bcbd14f8b2a25e8ae67d0d93b5ff
- SHA512
  
  ec0f66ea78a62a21261b4263dc4c2835a1cb25ede37a892b1c5fe0b931a308b355d180acabcabc510316f6a219eb2c68f368d44be789460c9d197b762806c430
- SSDEEP
  
  49152:uTyuGyYJckACdlwXWCRTOl9Oj8genrg+D1:iGMmbIw
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan