cobaltstrike | b9c9439a28ae2630c987a76366d4e573dba61fcdb4dc2b27390c541b20fcb249 | Triage

Sharing

General

Target

b9c9439a28ae2630c987a76366d4e573dba61fcdb4dc2b27390c541b20fcb249
Size

19KB
Sample

240417-ahfr2ahg8w
MD5

abf9411eb9f27586135c2b8045ab3e7a
SHA1

3e55be103701d90d7509275f2a2f3cae6c305a5b
SHA256

b9c9439a28ae2630c987a76366d4e573dba61fcdb4dc2b27390c541b20fcb249
SHA512

a100bd3c66b6010f65383c8525c0113389e63ff07860e96bd2f264b50fa4138bad9975deacec73a9744697dd35cb9df4ff40b1dd78c1ee381f2e8a135fe6eec7
SSDEEP

192:3V7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2mWF8qa1Dojjgi:hqaCF31cix+Dc4zjYFF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://148.135.72.115:8081/5hXh

Attributes

user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0)

Targets

- Target
  
  b9c9439a28ae2630c987a76366d4e573dba61fcdb4dc2b27390c541b20fcb249
- Size
  
  19KB
- MD5
  
  abf9411eb9f27586135c2b8045ab3e7a
- SHA1
  
  3e55be103701d90d7509275f2a2f3cae6c305a5b
- SHA256
  
  b9c9439a28ae2630c987a76366d4e573dba61fcdb4dc2b27390c541b20fcb249
- SHA512
  
  a100bd3c66b6010f65383c8525c0113389e63ff07860e96bd2f264b50fa4138bad9975deacec73a9744697dd35cb9df4ff40b1dd78c1ee381f2e8a135fe6eec7
- SSDEEP
  
  192:3V7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2mWF8qa1Dojjgi:hqaCF31cix+Dc4zjYFF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan