cobaltstrike | b61f41e4bb298e0159525707beaefbdb68d3bcea1a33b33f1504a916ce9cd59b | Triage

Sharing

General

Target

b61f41e4bb298e0159525707beaefbdb68d3bcea1a33b33f1504a916ce9cd59b
Size

19KB
Sample

240417-v9swwsac61
MD5

741fbebbf6861bd1cbe6ea9c777a95d7
SHA1

262a14be036fe558ea64843e2c57b03bf7df6c0c
SHA256

b61f41e4bb298e0159525707beaefbdb68d3bcea1a33b33f1504a916ce9cd59b
SHA512

31d5ba2f38d8cc5d25fa119eb2b10a2ba4ed4eac01b75bfc843db6da0aeac196f2e7bd310f67041eb8f91d023d491c56da24dc45c10ca1636af8b47ee913d84e
SSDEEP

192:qV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2jlpWF8qa1Dojjgi:EqaCF31cix+Dc4zj4l0FF46gi

Score

10^/10

cobaltstrike backdoor trojan

Malware Config

Extracted

Family

cobaltstrike

C2

http://192.168.56.101:443/8Hmp

Attributes

user_agent
User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; InfoPath.3; .NET CLR 2.0.50727)

Targets

- Target
  
  b61f41e4bb298e0159525707beaefbdb68d3bcea1a33b33f1504a916ce9cd59b
- Size
  
  19KB
- MD5
  
  741fbebbf6861bd1cbe6ea9c777a95d7
- SHA1
  
  262a14be036fe558ea64843e2c57b03bf7df6c0c
- SHA256
  
  b61f41e4bb298e0159525707beaefbdb68d3bcea1a33b33f1504a916ce9cd59b
- SHA512
  
  31d5ba2f38d8cc5d25fa119eb2b10a2ba4ed4eac01b75bfc843db6da0aeac196f2e7bd310f67041eb8f91d023d491c56da24dc45c10ca1636af8b47ee913d84e
- SSDEEP
  
  192:qV7qaCF6Op1t2dobVXujRDcBaXWQjwOT/2jlpWF8qa1Dojjgi:EqaCF31cix+Dc4zj4l0FF46gi
Score

10^/10

cobaltstrike backdoor trojan
- Cobaltstrike
  Detected malicious payload which is part of Cobaltstrike.
  trojan backdoor cobaltstrike
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

cobaltstrikebackdoortrojan

behavioral2

cobaltstrikebackdoortrojan