cobaltstrike | bf9b363c5adf5fc2a59a86708139854086eabb898e926c8d343e875bd38a39b5 | Triage

Sharing

General

Target

bf9b363c5adf5fc2a59a86708139854086eabb898e926c8d343e875bd38a39b5
Size

965KB
Sample

240417-ev1eesde46
MD5

6c95c4fac8433f1427025f553e3b270f
SHA1

d08ca4df204826c9f673164f188c25ecd7701c7b
SHA256

bf9b363c5adf5fc2a59a86708139854086eabb898e926c8d343e875bd38a39b5
SHA512

c421e8705144260deb174e6e358a9e6aaf28d823b6b3a382d51fd84d4750997df2081ef1727ccb57130f391d7ab6c14b67ed462bb0d3d5e6129ee35e0241055b
SSDEEP

12288:8cBUhWhztePxI1jTZeLTMT/8HMBi/4+HVLp3ESVofxjufgC0x:8cBi2ACriMTnqRkufAx

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://149.88.69.102:5555/od8R

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; MATP; MATP)

Targets

- Target
  
  bf9b363c5adf5fc2a59a86708139854086eabb898e926c8d343e875bd38a39b5
- Size
  
  965KB
- MD5
  
  6c95c4fac8433f1427025f553e3b270f
- SHA1
  
  d08ca4df204826c9f673164f188c25ecd7701c7b
- SHA256
  
  bf9b363c5adf5fc2a59a86708139854086eabb898e926c8d343e875bd38a39b5
- SHA512
  
  c421e8705144260deb174e6e358a9e6aaf28d823b6b3a382d51fd84d4750997df2081ef1727ccb57130f391d7ab6c14b67ed462bb0d3d5e6129ee35e0241055b
- SSDEEP
  
  12288:8cBUhWhztePxI1jTZeLTMT/8HMBi/4+HVLp3ESVofxjufgC0x:8cBi2ACriMTnqRkufAx
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

cobaltstrikebackdoortrojan