cobaltstrike | 03c119b19b12fe8b2c5fd89fb7980154ea8587de1d0c9b11c0a2ac4b92e4e4c5 | Triage

Sharing

General

Target

03c119b19b12fe8b2c5fd89fb7980154ea8587de1d0c9b11c0a2ac4b92e4e4c5
Size

19KB
Sample

240328-sb6zraha7s
MD5

79107ff7454835705e12af5d3ffaeda2
SHA1

1eff19a8e77a21cbf71ac5d1d36ef85a0712afa0
SHA256

03c119b19b12fe8b2c5fd89fb7980154ea8587de1d0c9b11c0a2ac4b92e4e4c5
SHA512

348912ffaa20942a7ecf799bcf2522808bf1b0386971957cdd3ccac2ea974ba00ad7cd52a3c8327ebcde080657a8d38204da32ee0531cd26613ddae77770e4b9
SSDEEP

192:4V7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2JFU7USWF8qa1Dojjgi:qqaCF31cix+Dc4zjeFUQrFF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.60.152:90/VTcP

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0; BOIE9;ENUS)

Targets

- Target
  
  03c119b19b12fe8b2c5fd89fb7980154ea8587de1d0c9b11c0a2ac4b92e4e4c5
- Size
  
  19KB
- MD5
  
  79107ff7454835705e12af5d3ffaeda2
- SHA1
  
  1eff19a8e77a21cbf71ac5d1d36ef85a0712afa0
- SHA256
  
  03c119b19b12fe8b2c5fd89fb7980154ea8587de1d0c9b11c0a2ac4b92e4e4c5
- SHA512
  
  348912ffaa20942a7ecf799bcf2522808bf1b0386971957cdd3ccac2ea974ba00ad7cd52a3c8327ebcde080657a8d38204da32ee0531cd26613ddae77770e4b9
- SSDEEP
  
  192:4V7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2JFU7USWF8qa1Dojjgi:qqaCF31cix+Dc4zjeFUQrFF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan