cobaltstrike | 52470c44e9adb46b079991326ff14f613d082bafa2b0080c42001dd0cd7182f4 | Triage

Sharing

General

Target

52470c44e9adb46b079991326ff14f613d082bafa2b0080c42001dd0cd7182f4
Size

19KB
Sample

240416-dmnvzshg7w
MD5

06e4275ea1dd2498f0ff217b957659ef
SHA1

a35ff2dfe5c25f67d93e944f550ddfc03f5f99a0
SHA256

52470c44e9adb46b079991326ff14f613d082bafa2b0080c42001dd0cd7182f4
SHA512

11f7e61df047ff9fcd0e41fe2007d25a0ec169e7475933ac9e80a22c724e5ba340be1ada2f9d3d963261e3a28e62b818d70826662cfcd6b706f8bd29a0bc9d52
SSDEEP

192:hV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2rXn0GcWF8qa1Dojjgi:zqaCF31cix+Dc4zjorFF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://104.21.13.64:8080/A5ny

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows Phone OS 7.5; Trident/5.0; IEMobile/9.0; LG; LG-E906) Host: www.ssdzf.life:8080

Targets

- Target
  
  52470c44e9adb46b079991326ff14f613d082bafa2b0080c42001dd0cd7182f4
- Size
  
  19KB
- MD5
  
  06e4275ea1dd2498f0ff217b957659ef
- SHA1
  
  a35ff2dfe5c25f67d93e944f550ddfc03f5f99a0
- SHA256
  
  52470c44e9adb46b079991326ff14f613d082bafa2b0080c42001dd0cd7182f4
- SHA512
  
  11f7e61df047ff9fcd0e41fe2007d25a0ec169e7475933ac9e80a22c724e5ba340be1ada2f9d3d963261e3a28e62b818d70826662cfcd6b706f8bd29a0bc9d52
- SSDEEP
  
  192:hV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2rXn0GcWF8qa1Dojjgi:zqaCF31cix+Dc4zjorFF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan