cobaltstrike | 2d0bda96ddae5d9d822e5ca81c1e564d48e884d112b0d8de1588c9211b1736e2 | Triage

Sharing

General

Target

2d0bda96ddae5d9d822e5ca81c1e564d48e884d112b0d8de1588c9211b1736e2
Size

19KB
Sample

240417-pyr8bsff25
MD5

2124e20009d58614edad9c01f5ea3c4b
SHA1

9850fa729ea4cde5cdb68f20c059d754e668bbd6
SHA256

2d0bda96ddae5d9d822e5ca81c1e564d48e884d112b0d8de1588c9211b1736e2
SHA512

55d547c7aca17a1673173a13d396570a55992566f467716df2b6a6c7edf0f0aacd0298c818701aab385dea01860be031d1f34fd82085fc6eb9a77e642f5bfef3
SSDEEP

192:HV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2waZUWF8qa1Dojjgi:xqaCF31cix+Dc4zj5a/FF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://10.20.22.190:8888/oO4k

Attributes

user_agent
User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0; MAARJS)

Targets

- Target
  
  2d0bda96ddae5d9d822e5ca81c1e564d48e884d112b0d8de1588c9211b1736e2
- Size
  
  19KB
- MD5
  
  2124e20009d58614edad9c01f5ea3c4b
- SHA1
  
  9850fa729ea4cde5cdb68f20c059d754e668bbd6
- SHA256
  
  2d0bda96ddae5d9d822e5ca81c1e564d48e884d112b0d8de1588c9211b1736e2
- SHA512
  
  55d547c7aca17a1673173a13d396570a55992566f467716df2b6a6c7edf0f0aacd0298c818701aab385dea01860be031d1f34fd82085fc6eb9a77e642f5bfef3
- SSDEEP
  
  192:HV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2waZUWF8qa1Dojjgi:xqaCF31cix+Dc4zj5a/FF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan