cobaltstrike | 2e558acfcd5d6f79a03b1c5fa265c5a493f70950bf1009885bce0d59d75d613f | Triage

Sharing

General

Target

2e558acfcd5d6f79a03b1c5fa265c5a493f70950bf1009885bce0d59d75d613f
Size

1.3MB
Sample

240415-tk4rescg51
MD5

852b5a21c2f024a21d41ccd797fd31d9
SHA1

f6d7333fb82c7aeb8423fe3f09913ac4c19475ac
SHA256

2e558acfcd5d6f79a03b1c5fa265c5a493f70950bf1009885bce0d59d75d613f
SHA512

3a639b9464af0064a82517cb96afb41780381c76718dee9cd50331435506d826981f2a13529c56c2e0d734a4d48aefa3bc09ad897dfac82fed4b226ff84a1783
SSDEEP

24576:jvCQG2RTMQ+depK8u3Y2VsndCZJfVOV0tmr:zoATGRC

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.54.129:80/VRDq

Attributes

user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 2.0.50727; InfoPath.2)

Targets

- Target
  
  2e558acfcd5d6f79a03b1c5fa265c5a493f70950bf1009885bce0d59d75d613f
- Size
  
  1.3MB
- MD5
  
  852b5a21c2f024a21d41ccd797fd31d9
- SHA1
  
  f6d7333fb82c7aeb8423fe3f09913ac4c19475ac
- SHA256
  
  2e558acfcd5d6f79a03b1c5fa265c5a493f70950bf1009885bce0d59d75d613f
- SHA512
  
  3a639b9464af0064a82517cb96afb41780381c76718dee9cd50331435506d826981f2a13529c56c2e0d734a4d48aefa3bc09ad897dfac82fed4b226ff84a1783
- SSDEEP
  
  24576:jvCQG2RTMQ+depK8u3Y2VsndCZJfVOV0tmr:zoATGRC
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

cobaltstrikebackdoortrojan