cobaltstrike | 7a27057f3fc2b311f3a0e4c3fa3e60ba0e5a9d8c06dabbb35e68218eb07e8f5b | Triage

Sharing

General

Target

7a27057f3fc2b311f3a0e4c3fa3e60ba0e5a9d8c06dabbb35e68218eb07e8f5b
Size

1.7MB
Sample

240310-jw4wfsgc31
MD5

02f9b132f7088a4de88e6c7999a076ec
SHA1

a619360c434fbc1b95f98908c3d9a43a94f41edc
SHA256

7a27057f3fc2b311f3a0e4c3fa3e60ba0e5a9d8c06dabbb35e68218eb07e8f5b
SHA512

8ada9f1f69195b7a85749669436b9bc4d217b3512daa56638750399ee6abd2c2808ba0251c647c3f3c4ff87dc730b464aa4c48323897b0f392801ba744b42ec8
SSDEEP

24576:prYpKkbdxLzcWP7DXy6Hy+bPKLCFQVcfBvl3n/d9XJ3W:6pKkbHfnXy6Hy+bK6QCBt/dpg

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://47.94.236.117:8888/dQp8

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)

Targets

- Target
  
  7a27057f3fc2b311f3a0e4c3fa3e60ba0e5a9d8c06dabbb35e68218eb07e8f5b
- Size
  
  1.7MB
- MD5
  
  02f9b132f7088a4de88e6c7999a076ec
- SHA1
  
  a619360c434fbc1b95f98908c3d9a43a94f41edc
- SHA256
  
  7a27057f3fc2b311f3a0e4c3fa3e60ba0e5a9d8c06dabbb35e68218eb07e8f5b
- SHA512
  
  8ada9f1f69195b7a85749669436b9bc4d217b3512daa56638750399ee6abd2c2808ba0251c647c3f3c4ff87dc730b464aa4c48323897b0f392801ba744b42ec8
- SSDEEP
  
  24576:prYpKkbdxLzcWP7DXy6Hy+bPKLCFQVcfBvl3n/d9XJ3W:6pKkbHfnXy6Hy+bK6QCBt/dpg
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

cobaltstrikebackdoortrojan