cobaltstrike | 43d74a25721d1cfad18b41407d3ecd94b4c24c7aba5d34ab91a2393c9934ee74 | Triage

Sharing

General

Target

43d74a25721d1cfad18b41407d3ecd94b4c24c7aba5d34ab91a2393c9934ee74
Size

19KB
Sample

240329-lzje2afc26
MD5

7ee41d177accae0001947f06f31884ba
SHA1

be12260cdb73dd4a449cafb6db98cb814b49318f
SHA256

43d74a25721d1cfad18b41407d3ecd94b4c24c7aba5d34ab91a2393c9934ee74
SHA512

a4c41a55489302734b457c665bc2cf714d8edd2a9b231573a5d24417a0cd60589e6107627b90762a1131d4ceb6efa8ce143570889438f6a466680b3ab0c6db29
SSDEEP

192:6V7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2kjxLw0+WF8qa1Dojjgi:UqaCF31cix+Dc4zjBjmeFF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://tools.trtyr.top:80/api/2

Attributes

user_agent
Host: tools.trtyr.top User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; InfoPath.2; .NET CLR 2.0.50727)

Targets

- Target
  
  43d74a25721d1cfad18b41407d3ecd94b4c24c7aba5d34ab91a2393c9934ee74
- Size
  
  19KB
- MD5
  
  7ee41d177accae0001947f06f31884ba
- SHA1
  
  be12260cdb73dd4a449cafb6db98cb814b49318f
- SHA256
  
  43d74a25721d1cfad18b41407d3ecd94b4c24c7aba5d34ab91a2393c9934ee74
- SHA512
  
  a4c41a55489302734b457c665bc2cf714d8edd2a9b231573a5d24417a0cd60589e6107627b90762a1131d4ceb6efa8ce143570889438f6a466680b3ab0c6db29
- SSDEEP
  
  192:6V7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2kjxLw0+WF8qa1Dojjgi:UqaCF31cix+Dc4zjBjmeFF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan