cobaltstrike | 04c8f231e89fee94587c6a9e5b3161a4ffee8e4f8333fc455ab4eecdb94dd6fe | Triage

Sharing

General

Target

04c8f231e89fee94587c6a9e5b3161a4ffee8e4f8333fc455ab4eecdb94dd6fe
Size

19KB
Sample

240416-wta7ksha55
MD5

b921ecfa820bb9ffafb7032ab19dbcb6
SHA1

2fa6a67d48d4da74062f97988f60cb28c2f915c6
SHA256

04c8f231e89fee94587c6a9e5b3161a4ffee8e4f8333fc455ab4eecdb94dd6fe
SHA512

07ca37673df01e7c7f50fc2190b445428fbd3e3427ee069aa4028a7bb095b72c6a717c11b8bcd3d87a0cfaba551d80c902ec4b2ac4825f5a8dee8bced6ac517f
SSDEEP

192:BV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2A9WF8qa1Dojjgi:TqaCF31cix+Dc4zjiFF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.220.128:80/JStL

Attributes

user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)

Targets

- Target
  
  04c8f231e89fee94587c6a9e5b3161a4ffee8e4f8333fc455ab4eecdb94dd6fe
- Size
  
  19KB
- MD5
  
  b921ecfa820bb9ffafb7032ab19dbcb6
- SHA1
  
  2fa6a67d48d4da74062f97988f60cb28c2f915c6
- SHA256
  
  04c8f231e89fee94587c6a9e5b3161a4ffee8e4f8333fc455ab4eecdb94dd6fe
- SHA512
  
  07ca37673df01e7c7f50fc2190b445428fbd3e3427ee069aa4028a7bb095b72c6a717c11b8bcd3d87a0cfaba551d80c902ec4b2ac4825f5a8dee8bced6ac517f
- SSDEEP
  
  192:BV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2A9WF8qa1Dojjgi:TqaCF31cix+Dc4zjiFF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan