cobaltstrike | 75e13c912ad8e7ac9c5aaa33e0cf8384decd26e13748b90105836e2debcaef9d | Triage

Sharing

General

Target

75e13c912ad8e7ac9c5aaa33e0cf8384decd26e13748b90105836e2debcaef9d
Size

19KB
Sample

240330-l2hxaada21
MD5

93f0d32b0e37e34d36ef5b4b561d2b84
SHA1

2e0bf48245741cfabcab0137dce66b523b756ebc
SHA256

75e13c912ad8e7ac9c5aaa33e0cf8384decd26e13748b90105836e2debcaef9d
SHA512

15094fc90ddb5404fc1e7aa9813db7f06071191ad24557991424edd47936eeaf60f1a0166c63acc76367e286bfc7e333ed25bfd93f6d9b966514146a6c96742f
SSDEEP

192:cV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/20dvrHAWWF8qa1Dojjgi:+qaCF31cix+Dc4zjzdjYFF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://120.55.183.201:1234/HoXN

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; Trident/6.0; Touch)

Targets

- Target
  
  75e13c912ad8e7ac9c5aaa33e0cf8384decd26e13748b90105836e2debcaef9d
- Size
  
  19KB
- MD5
  
  93f0d32b0e37e34d36ef5b4b561d2b84
- SHA1
  
  2e0bf48245741cfabcab0137dce66b523b756ebc
- SHA256
  
  75e13c912ad8e7ac9c5aaa33e0cf8384decd26e13748b90105836e2debcaef9d
- SHA512
  
  15094fc90ddb5404fc1e7aa9813db7f06071191ad24557991424edd47936eeaf60f1a0166c63acc76367e286bfc7e333ed25bfd93f6d9b966514146a6c96742f
- SSDEEP
  
  192:cV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/20dvrHAWWF8qa1Dojjgi:+qaCF31cix+Dc4zjzdjYFF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan