cobaltstrike | 08da2015d58a21e43303de932669842a2ef98123df64fe5b340054f0a4522d92 | Triage

Sharing

General

Target

08da2015d58a21e43303de932669842a2ef98123df64fe5b340054f0a4522d92
Size

19KB
Sample

240331-cdwc2acc66
MD5

b53ac4483ca127fe055be1f8a46e5c9d
SHA1

ca5eb2e158754fcc2f7670a9f15e5779794c0377
SHA256

08da2015d58a21e43303de932669842a2ef98123df64fe5b340054f0a4522d92
SHA512

3c17b839dd3abb1d7c6c95a5cace5205ac46810df1602cf4ad9417a7b6c9a982f245cd6b41ab15470e0e62d3f5a945a1d00ade6d31652cd159829b54182a94ef
SSDEEP

192:SV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2e9NaqiAw6WF8qa1Dojjgi:cqaCF31cix+Dc4zj5XwjFF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.2.81:8888/K5it

Attributes

user_agent
User-Agent: Mozilla/5.0 (Windows NT 6.1; Trident/7.0; rv:11.0) like Gecko

Targets

- Target
  
  08da2015d58a21e43303de932669842a2ef98123df64fe5b340054f0a4522d92
- Size
  
  19KB
- MD5
  
  b53ac4483ca127fe055be1f8a46e5c9d
- SHA1
  
  ca5eb2e158754fcc2f7670a9f15e5779794c0377
- SHA256
  
  08da2015d58a21e43303de932669842a2ef98123df64fe5b340054f0a4522d92
- SHA512
  
  3c17b839dd3abb1d7c6c95a5cace5205ac46810df1602cf4ad9417a7b6c9a982f245cd6b41ab15470e0e62d3f5a945a1d00ade6d31652cd159829b54182a94ef
- SSDEEP
  
  192:SV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2e9NaqiAw6WF8qa1Dojjgi:cqaCF31cix+Dc4zj5XwjFF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan