cobaltstrike | 84f1e4c2524fea85c43f9df6ac1449c95d2d3ba5bd7cb6bff2f4e1c97dc8cbe1 | Triage

Sharing

General

Target

84f1e4c2524fea85c43f9df6ac1449c95d2d3ba5bd7cb6bff2f4e1c97dc8cbe1
Size

155KB
Sample

240410-phx4msfd29
MD5

2d2145dd72c9ac1400035a86d4228a30
SHA1

7f56cae259a892a33713ce77eca2b767bf39dd78
SHA256

84f1e4c2524fea85c43f9df6ac1449c95d2d3ba5bd7cb6bff2f4e1c97dc8cbe1
SHA512

101925f8d78134a854f6d10e64d2ad5785a41af986207955da8ef519c7e3c09595f86d7edff1a2258cda7f3b621fc527760bf7c44b34f7c1da1d40c33f970f79
SSDEEP

3072:Lh9P3ZJwZUjvIYB2St36SmOe0J/oOsS3mLdMuKYA:lru67B2SYSmj0BmLK

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://hilaxeten.com:443/files/boxes.png

Attributes

user_agent
Host: vk.com Connection: close User-Agent: Mozilla/5.0 (Linux; Android 8.0.0; SM-G960F Build/R16NW) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202

Targets

- Target
  
  84f1e4c2524fea85c43f9df6ac1449c95d2d3ba5bd7cb6bff2f4e1c97dc8cbe1
- Size
  
  155KB
- MD5
  
  2d2145dd72c9ac1400035a86d4228a30
- SHA1
  
  7f56cae259a892a33713ce77eca2b767bf39dd78
- SHA256
  
  84f1e4c2524fea85c43f9df6ac1449c95d2d3ba5bd7cb6bff2f4e1c97dc8cbe1
- SHA512
  
  101925f8d78134a854f6d10e64d2ad5785a41af986207955da8ef519c7e3c09595f86d7edff1a2258cda7f3b621fc527760bf7c44b34f7c1da1d40c33f970f79
- SSDEEP
  
  3072:Lh9P3ZJwZUjvIYB2St36SmOe0J/oOsS3mLdMuKYA:lru67B2SYSmj0BmLK
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan