cobaltstrike | c2dfd7f97a33baba293433c58019c4cf24e3b755e84071a2d8b3012fbe082302 | Triage

Sharing

General

Target

c2dfd7f97a33baba293433c58019c4cf24e3b755e84071a2d8b3012fbe082302
Size

19KB
Sample

240330-lzj2kach61
MD5

203a694ac54a08611d1ddc8e8d6a9af8
SHA1

1cf2d9687da62f49169987b2a8e333c17035eb3d
SHA256

c2dfd7f97a33baba293433c58019c4cf24e3b755e84071a2d8b3012fbe082302
SHA512

8f947415e0b6f841d8dc57441818223e2c4475e21ec602b1d147ec43c3c194d8fc145ba0e43b229f65ec333a011b5b77fb725ec4d4a5aaf5b203f5392b4cc94c
SSDEEP

192:TV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2dKv15QPkWF8qa1Dojjgi:9qaCF31cix+Dc4zjIkQPRFF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://43.143.175.225:8008/ab5e

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; MALCJS)

Targets

- Target
  
  c2dfd7f97a33baba293433c58019c4cf24e3b755e84071a2d8b3012fbe082302
- Size
  
  19KB
- MD5
  
  203a694ac54a08611d1ddc8e8d6a9af8
- SHA1
  
  1cf2d9687da62f49169987b2a8e333c17035eb3d
- SHA256
  
  c2dfd7f97a33baba293433c58019c4cf24e3b755e84071a2d8b3012fbe082302
- SHA512
  
  8f947415e0b6f841d8dc57441818223e2c4475e21ec602b1d147ec43c3c194d8fc145ba0e43b229f65ec333a011b5b77fb725ec4d4a5aaf5b203f5392b4cc94c
- SSDEEP
  
  192:TV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2dKv15QPkWF8qa1Dojjgi:9qaCF31cix+Dc4zjIkQPRFF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan