cobaltstrike | f8a5c83b63638b9a60248ff0bc35e003dbad003d32aaa11a38fe17fb8fe62d9a | Triage

Sharing

General

Target

f8a5c83b63638b9a60248ff0bc35e003dbad003d32aaa11a38fe17fb8fe62d9a
Size

19KB
Sample

240331-zr7pjscb2x
MD5

74500f1ceec00aa57e42b0610fbfa218
SHA1

ec9091d51a86a59928f0e69e2398dc95e2cd4705
SHA256

f8a5c83b63638b9a60248ff0bc35e003dbad003d32aaa11a38fe17fb8fe62d9a
SHA512

0ce9fa6bb3cbd48e9aa4be336b86c551021810a9f029a4a2d726204c71aa9fedffbda67e060d91b8af3f2eb12bb9b734d625676c5af594cb39fcb4f825d50863
SSDEEP

192:NV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2cwTs/+OzB96WF8qa1Dojjgi:/qaCF31cix+Dc4zjMs/+OzB9jFF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.1.143:80/VxBM

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; MASP)

Targets

- Target
  
  f8a5c83b63638b9a60248ff0bc35e003dbad003d32aaa11a38fe17fb8fe62d9a
- Size
  
  19KB
- MD5
  
  74500f1ceec00aa57e42b0610fbfa218
- SHA1
  
  ec9091d51a86a59928f0e69e2398dc95e2cd4705
- SHA256
  
  f8a5c83b63638b9a60248ff0bc35e003dbad003d32aaa11a38fe17fb8fe62d9a
- SHA512
  
  0ce9fa6bb3cbd48e9aa4be336b86c551021810a9f029a4a2d726204c71aa9fedffbda67e060d91b8af3f2eb12bb9b734d625676c5af594cb39fcb4f825d50863
- SSDEEP
  
  192:NV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2cwTs/+OzB96WF8qa1Dojjgi:/qaCF31cix+Dc4zjMs/+OzB9jFF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan