cobaltstrike | 7c796fd677dd81bc52d033013d12fa16eedf96e27172fb2df2bf163958fc9510 | Triage

Sharing

General

Target

7c796fd677dd81bc52d033013d12fa16eedf96e27172fb2df2bf163958fc9510
Size

19KB
Sample

240315-lzfddade4y
MD5

b05bdf5e223abd2508e3bf2dfd5c31b1
SHA1

c431d880618d7f5d86347e762d202f631192d387
SHA256

7c796fd677dd81bc52d033013d12fa16eedf96e27172fb2df2bf163958fc9510
SHA512

c6ea227f081ed90b01be8e3662aba51325029fd7d2768e8140cd83e8771e69783a4a6d4efd2a56faf4c10665ebbd04b617b3f48cd10f65a1e375085e0d50eb71
SSDEEP

192:6V7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2NeHSfRBL9cWF8qa1Dojjgi:UqaCF31cix+Dc4zj9HS5HZFF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://47.113.231.242:8080/bJFk

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; BOIE9;ENUS)

Targets

- Target
  
  7c796fd677dd81bc52d033013d12fa16eedf96e27172fb2df2bf163958fc9510
- Size
  
  19KB
- MD5
  
  b05bdf5e223abd2508e3bf2dfd5c31b1
- SHA1
  
  c431d880618d7f5d86347e762d202f631192d387
- SHA256
  
  7c796fd677dd81bc52d033013d12fa16eedf96e27172fb2df2bf163958fc9510
- SHA512
  
  c6ea227f081ed90b01be8e3662aba51325029fd7d2768e8140cd83e8771e69783a4a6d4efd2a56faf4c10665ebbd04b617b3f48cd10f65a1e375085e0d50eb71
- SSDEEP
  
  192:6V7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2NeHSfRBL9cWF8qa1Dojjgi:UqaCF31cix+Dc4zj9HS5HZFF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan