cobaltstrike | 66d79ffa703a6a51e4fa8dee5ad1ed9b5dc8b228a8e385a0fb1aa5994cb245c1 | Triage

Sharing

General

Target

50c9f9b4fe6c26be872aff095e05a981.exe
Size

1.0MB
Sample

240417-frffhsed39
MD5

50c9f9b4fe6c26be872aff095e05a981
SHA1

c8a0319c185e4f64775401a05bb20dc4aa4e56c6
SHA256

66d79ffa703a6a51e4fa8dee5ad1ed9b5dc8b228a8e385a0fb1aa5994cb245c1
SHA512

c0dd2545d17f69b7bce2f18ee21cf6e84e03792ee1df3c75f76739eceae98fd1b4e9953da8b01bf2990686119e2faf3ca98ce13ce624abfb5266b23a12f778e1
SSDEEP

24576:uSn0N6s6wGwWjt53VnTlZjK3ZgESPzK1:uSnA6s6wGwYX3VpZqZgEGzK1

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://139.196.73.80:9902/WNwA

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)

Targets

- Target
  
  50c9f9b4fe6c26be872aff095e05a981.exe
- Size
  
  1.0MB
- MD5
  
  50c9f9b4fe6c26be872aff095e05a981
- SHA1
  
  c8a0319c185e4f64775401a05bb20dc4aa4e56c6
- SHA256
  
  66d79ffa703a6a51e4fa8dee5ad1ed9b5dc8b228a8e385a0fb1aa5994cb245c1
- SHA512
  
  c0dd2545d17f69b7bce2f18ee21cf6e84e03792ee1df3c75f76739eceae98fd1b4e9953da8b01bf2990686119e2faf3ca98ce13ce624abfb5266b23a12f778e1
- SSDEEP
  
  24576:uSn0N6s6wGwWjt53VnTlZjK3ZgESPzK1:uSnA6s6wGwYX3VpZqZgEGzK1
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan